JSON
Authentication and Authorization Protocols - JSON
Authentication and authorization protocols are standards for securely verifying user identities and managing access rights between systems. OAuth 2.0 is an authorization framework that grants third-party applications delegated, limited access; OpenID Connect is an authentication layer built on top of OAuth 2.0; and SAML is an XML-based standard for enterprise single sign-on. Together, these protocols form the foundation for secure identity federation in modern web applications and enterprise systems.
authentication
authorization
OAuth
OpenID Connect
SAML
security
SSO
identity management
[
{
"code": "oauth-2-0",
"slug": "oauth-2-0",
"name": "OAuth 2.0",
"description": "An authorization framework that grants third-party applications delegated, limited access.",
"category": "Authorization Protocol",
"standardBody": "IETF",
"rfcNumber": "RFC 6749",
"tokenFormat": "Bearer Token",
"dataFormat": "JSON"
},
{
"code": "openid-connect",
"slug": "openid-connect",
"name": "OpenID Connect 1.0",
"description": "A simple identity layer built on top of the OAuth 2.0 protocol.",
"category": "Authentication Protocol",
"standardBody": "OpenID Foundation",
"tokenFormat": "ID Token (JWT)",
"dataFormat": "JSON (JWT)",
"basedOn": "OAuth 2.0"
},
{
"code": "saml-2-0",
"slug": "saml-2-0",
"name": "SAML 2.0",
"description": "An XML-based standard for exchanging authentication and authorization data between security domains.",
"category": "Authentication and Authorization Protocol",
"standardBody": "OASIS",
"tokenFormat": "SAML Assertion",
"dataFormat": "XML"
},
{
"code": "oauth-pkce",
"slug": "oauth-pkce",
"name": "OAuth 2.0 with PKCE",
"description": "An OAuth 2.0 extension that mitigates authorization code interception attacks against public clients.",
"category": "Authorization Protocol Extension",
"standardBody": "IETF",
"rfcNumber": "RFC 7636",
"tokenFormat": "Bearer Token",
"dataFormat": "JSON"
},
{
"code": "oauth-device-flow",
"slug": "oauth-device-flow",
"name": "OAuth 2.0 Device Authorization Grant",
"description": "An OAuth 2.0 flow for browserless devices or devices with limited input capabilities.",
"category": "Authorization Protocol Extension",
"standardBody": "IETF",
"rfcNumber": "RFC 8628",
"tokenFormat": "Bearer Token",
"dataFormat": "JSON"
},
{
"code": "jwt",
"slug": "jwt",
"name": "JSON Web Token (JWT)",
"description": "A compact, URL-safe means of representing claims to be transferred between two parties.",
"category": "Token Format",
"standardBody": "IETF",
"rfcNumber": "RFC 7519",
"tokenFormat": "JWT",
"dataFormat": "JSON"
},
{
"code": "ldap",
"slug": "ldap",
"name": "LDAP",
"description": "A standard protocol for accessing and maintaining distributed directory information services over IP networks.",
"category": "Directory Protocol",
"standardBody": "IETF",
"rfcNumber": "RFC 4510",
"dataFormat": "BER/DER"
},
{
"code": "kerberos",
"slug": "kerberos",
"name": "Kerberos",
"description": "A network authentication protocol using secret-key cryptography.",
"category": "Network Authentication Protocol",
"standardBody": "IETF",
"rfcNumber": "RFC 4120",
"dataFormat": "Binary"
},
{
"code": "cas",
"slug": "cas",
"name": "CAS (Central Authentication Service)",
"description": "An enterprise single sign-on protocol for web applications.",
"category": "Single Sign-On Protocol",
"standardBody": "Apereo Foundation",
"dataFormat": "XML/JSON"
},
{
"code": "ws-fed",
"slug": "ws-fed",
"name": "WS-Federation",
"description": "A protocol specification for enabling federation across web services.",
"category": "Federation Protocol",
"standardBody": "OASIS",
"dataFormat": "XML"
}
]