TOML
Authentication and Authorization Protocols - TOML
Authentication and authorization protocols are standards for securely verifying user identities and managing access rights between systems. OAuth 2.0 enables delegated limited access for third-party applications, OpenID Connect functions as an authentication layer built on OAuth 2.0, and SAML is an XML-based standard for enterprise single sign-on. These protocols form the foundation for secure identity federation in modern web applications and enterprise systems.
authentication
authorization
OAuth
OpenID Connect
SAML
security
SSO
identity management
# OAuth 2.0 core framework. It covers authorization only: an access token
# shows that access was delegated, it does not by itself identify the user.
[[items]]
code = "oauth-2-0"
slug = "oauth-2-0"
name = "OAuth 2.0"
description = "An authorization framework for delegated limited access to third-party applications."
category = "Authorization Protocol"
dataFormat = "JSON"
rfcNumber = "RFC 6749"
standardBody = "IETF"
# Bearer token usage is specified separately in RFC 6750. A bearer token is
# usable by whoever holds it, so it must only be sent over TLS.
tokenFormat = "Bearer Token"
# Empty string: no parent protocol recorded for this entry.
basedOn = ""
# OpenID Connect adds authentication on top of OAuth 2.0: the ID Token is the
# artifact that tells the client who the end user is.
[[items]]
code = "openid-connect"
slug = "openid-connect"
name = "OpenID Connect 1.0"
description = "A simple identity layer built on top of the OAuth 2.0 protocol."
category = "Authentication Protocol"
dataFormat = "JSON (JWT)"
# Empty: the specification is published by the OpenID Foundation (see
# standardBody), not as an IETF RFC.
rfcNumber = ""
standardBody = "OpenID Foundation"
# A relying party must validate the ID Token's signature, issuer, audience
# and expiry before trusting any claim in it.
tokenFormat = "ID Token (JWT)"
basedOn = "OAuth 2.0"
# SAML 2.0 exchanges authentication and authorization statements as XML
# assertions between an identity provider and a service provider.
[[items]]
code = "saml-2-0"
slug = "saml-2-0"
name = "SAML 2.0"
description = "An XML-based standard for exchanging authentication and authorization data between security domains."
category = "Authentication and Authorization Protocol"
# XML signature handling is the usual weak point: the service provider must
# verify the signature and consume only the element that was actually signed.
dataFormat = "XML"
# Empty: SAML 2.0 is an OASIS standard (see standardBody), not an IETF RFC.
rfcNumber = ""
standardBody = "OASIS"
tokenFormat = "SAML Assertion"
# Empty string: no parent protocol recorded for this entry.
basedOn = ""
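# PKCE (Proof Key for Code Exchange) binds an authorization code to the client
# that started the flow, so an intercepted code cannot be redeemed without the
# matching code verifier.
[[items]]
code = "oauth-pkce"
slug = "oauth-pkce"
name = "OAuth 2.0 with PKCE"
description = "An OAuth 2.0 extension that prevents authorization code interception attacks for public clients."
category = "Authorization Protocol Extension"
dataFormat = "JSON"
rfcNumber = "RFC 7636"
standardBody = "IETF"
# PKCE changes how the authorization code is redeemed, not the token issued.
tokenFormat = "Bearer Token"
# PKCE is an extension of OAuth 2.0 (see name and description); record the
# parent the same way the openid-connect entry does.
basedOn = "OAuth 2.0"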
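# Device Authorization Grant: the user approves the request on a second
# device with a browser, while the constrained device waits for the token.
# Because approval happens away from the requesting device, the authorization
# server should show the user which client is asking before they confirm.
[[items]]
code = "oauth-device-flow"
slug = "oauth-device-flow"
name = "OAuth 2.0 Device Authorization Grant"
description = "An OAuth 2.0 flow for devices with limited input or browserless devices."
category = "Authorization Protocol Extension"
dataFormat = "JSON"
rfcNumber = "RFC 8628"
standardBody = "IETF"
tokenFormat = "Bearer Token"
# This grant is an OAuth 2.0 flow (see name and description); record the
# parent the same way the openid-connect entry does.
basedOn = "OAuth 2.0"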
# JWT is a token format, not a protocol: it defines how claims are encoded
# and relies on JWS or JWE for integrity protection or encryption.
[[items]]
code = "jwt"
slug = "jwt"
name = "JSON Web Token (JWT)"
description = "A compact, URL-safe means of representing claims to be transferred between two parties."
category = "Token Format"
# Claims in a signed (non-encrypted) JWT are only base64url-encoded and are
# readable by anyone who holds the token; keep secrets out of them.
dataFormat = "JSON"
rfcNumber = "RFC 7519"
standardBody = "IETF"
# Verifiers should fix the accepted signing algorithm themselves rather than
# take it from the token header.
tokenFormat = "JWT"
# Empty string: no parent protocol recorded for this entry.
basedOn = ""
# LDAP is a directory access protocol; applications commonly check
# credentials with it by performing a bind against the directory.
# A simple bind sends the password as-is, so it needs TLS underneath.
[[items]]
code = "ldap"
slug = "ldap"
name = "LDAP"
description = "A standard protocol for accessing and maintaining distributed directory information services over IP networks."
category = "Directory Protocol"
# LDAP messages are ASN.1 structures in a binary encoding.
dataFormat = "BER/DER"
# RFC 4510 is the road map document for the LDAPv3 specification set.
rfcNumber = "RFC 4510"
standardBody = "IETF"
# Empty: no token format recorded; LDAP authenticates a connection via bind.
tokenFormat = ""
# Empty string: no parent protocol recorded for this entry.
basedOn = ""
# Kerberos authenticates clients and services through a trusted key
# distribution center using symmetric (secret-key) cryptography.
[[items]]
code = "kerberos"
slug = "kerberos"
name = "Kerberos"
description = "A network authentication protocol using secret-key cryptography."
category = "Network Authentication Protocol"
# Kerberos messages are ASN.1 structures in a binary encoding.
dataFormat = "Binary"
rfcNumber = "RFC 4120"
standardBody = "IETF"
# NOTE(review): left empty, although Kerberos issues tickets as credentials;
# confirm whether this field is meant to cover only web-style tokens.
tokenFormat = ""
# Empty string: no parent protocol recorded for this entry.
basedOn = ""
# CAS is a web single sign-on protocol: the application receives a ticket
# from the browser and validates it directly with the CAS server.
[[items]]
code = "cas"
slug = "cas"
name = "CAS (Central Authentication Service)"
description = "An enterprise single sign-on protocol for web applications."
category = "Single Sign-On Protocol"
dataFormat = "XML/JSON"
# Empty: the specification is maintained by the Apereo Foundation (see
# standardBody), not published as an IETF RFC.
rfcNumber = ""
standardBody = "Apereo Foundation"
# NOTE(review): left empty, although CAS issues service tickets; confirm
# whether this field should list them.
tokenFormat = ""
# Empty string: no parent protocol recorded for this entry.
basedOn = ""
# WS-Federation is the federation specification of the WS-* web services
# security family; it brokers trust and identity between security realms.
[[items]]
code = "ws-fed"
slug = "ws-fed"
name = "WS-Federation"
description = "A protocol specification for enabling federation across web services."
category = "Federation Protocol"
dataFormat = "XML"
# Empty: WS-Federation is an OASIS standard (see standardBody), not an RFC.
rfcNumber = ""
standardBody = "OASIS"
# NOTE(review): left empty, although WS-Federation carries security tokens
# (commonly SAML assertions); confirm whether the field should name them.
tokenFormat = ""
# Empty string: no parent protocol recorded for this entry.
basedOn = ""