Authentication and Authorization Protocols - TSV

Authentication and authorization protocols are standards for securely verifying user identities and managing access rights between systems. OAuth 2.0 enables delegated limited access for third-party applications, OpenID Connect functions as an authentication layer built on OAuth 2.0, and SAML is an XML-based standard for enterprise single sign-on. These protocols form the foundation for secure identity federation in modern web applications and enterprise systems.

authentication, authorization, OAuth, OpenID Connect, SAML, security, SSO, identity management
code	slug	name	description	category	dataFormat	rfcNumber	standardBody	tokenFormat	basedOn
oauth-2-0	oauth-2-0	OAuth 2.0	An authorization framework for delegated limited access to third-party applications.	Authorization Protocol	JSON	RFC 6749	IETF	Bearer Token	
openid-connect	openid-connect	OpenID Connect 1.0	A simple identity layer built on top of the OAuth 2.0 protocol.	Authentication Protocol	JSON (JWT)		OpenID Foundation	ID Token (JWT)	OAuth 2.0
saml-2-0	saml-2-0	SAML 2.0	An XML-based standard for exchanging authentication and authorization data between security domains.	Authentication and Authorization Protocol	XML		OASIS	SAML Assertion	
oauth-pkce	oauth-pkce	OAuth 2.0 with PKCE	An OAuth 2.0 extension that prevents authorization code interception attacks for public clients.	Authorization Protocol Extension	JSON	RFC 7636	IETF	Bearer Token	
oauth-device-flow	oauth-device-flow	OAuth 2.0 Device Authorization Grant	An OAuth 2.0 flow for devices with limited input or browserless devices.	Authorization Protocol Extension	JSON	RFC 8628	IETF	Bearer Token	
jwt	jwt	JSON Web Token (JWT)	A compact, URL-safe means of representing claims to be transferred between two parties.	Token Format	JSON	RFC 7519	IETF	JWT	
ldap	ldap	LDAP	A standard protocol for accessing and maintaining distributed directory information services over IP networks.	Directory Protocol	BER/DER	RFC 4510	IETF		
kerberos	kerberos	Kerberos	A network authentication protocol using secret-key cryptography.	Network Authentication Protocol	Binary	RFC 4120	IETF		
cas	cas	CAS (Central Authentication Service)	An enterprise single sign-on protocol for web applications.	Single Sign-On Protocol	XML/JSON		Apereo Foundation		
ws-fed	ws-fed	WS-Federation	A protocol specification for enabling federation across web services.	Federation Protocol	XML		OASIS