Hacker News
by tptacek 2251 days ago
You said "OAuth only does authz and must be combined with other technologies to get authn"; obviously, that's not true, in the sense that you can simply use OIDC --- a dialect of OAuth --- to get both.

Since OIDC is better than SAML, which is probably the scariest security standard on the Internet, I think it's worth being clear to people that OIDC/OAuth is viable.

The SAML authz story, for what it's worth, is pretty shady.

1 comments

For sure. I never said SAML was any good -- I said I found it to be simpler. :)
For developers, they're both just libraries. As protocols to implement, SAML is drastically harder.