Identity and Access Management (IAM) is the practice and tooling for defining who can do what on which resources within an organization or platform. It covers user and machine identities, group and role memberships, permission policies, and the audit trail of every authorization decision.
Core concepts
A bearer token is a credential that grants the holder access to a resource simply by presenting the token, with no additional proof of identity. The defining property is that whoever holds the token may use it; there is no cryptographic binding between the token and the requester. How it is used The standard way to present a bearer token is the HTTP Authorization header: Authorization: Bearer .…
A refresh token is a long-lived credential issued alongside a short-lived access token, used to obtain new access tokens without prompting the user to authenticate again. Refresh tokens trade convenience for risk: longer life means a wider compromise window, so they are stored more carefully and handled more strictly than access tokens.
How it works
When the user authorizes a client, the…
SAML (Security Assertion Markup Language) is an XML-based standard for exchanging authentication and authorization data between an identity provider (IdP) and a service provider (SP). It is the dominant federation protocol in enterprise SSO, where employees authenticate once at a corporate IdP and access many third-party applications.
How it works
When a user attempts to access an SP, the SP…
OpenID Connect (OIDC) is an authentication layer built on top of OAuth 2.0. Where OAuth defines authorization (who can access what), OIDC defines authentication (who the user is) by adding a standardized ID Token, a defined set of user claims, and a UserInfo endpoint.
How it works
OIDC reuses the OAuth 2.0 Authorization Code flow with one addition: when the client requests the openid scope,…
Session
The Session Technology Foundation cannot continue without your support. Donate today to help Session in its fight for survival.
Literally just found out about this through Twitter.
Chris McCabe the co-founder is asking for funding so they can continue to develop the app.
This news surprises me, but at the same…
The Session: Skate Sim team has released a new core update for PC and consoles tightening up the overall feel of the game and getting systems closer to where they ultimately want them. A big focus this time was cleaning up lingering physics and navigation issues. Weight distribution while cruising has been adjusted so the front truck is less likely to dive off sidewalks or drops, which makes…