Authing DocsDocuments
Concept
Guides
Development Integration
Application integration
Concept
Guides
Development Integration
Application integration
Old Version
Concept
  • What is Authing
  • What is the user pool
  • What is an application
  • What is certification
  • What is federal certification
  • What is authorization
  • Authentication vs authorization
  • What is JWT Token
  • What is ID Token
  • What is Access Token
  • What is Refresh Token
  • Access Token vs Id Token
  • OIDC FAQ
  • Understand the SAML2 protocol

  • Understand OIDC and OAuth2.0 protocol

  • What is multi-factor authentication
  • Account Lifecycle Management
  • Hosted login page vs embeddable login component
  • CIAM and EIAM
  • What is LDAP
  • Principle of Scan Code Login

¶ What is Federated Authentication

Update Time: 2022-05-14 19:59:55
Edit

In the early generation of the Internet, users’ with various accounts hold private information that would be scattered across different sites and applications. This have lead the following problems:

  1. Every time a user visits a new site, they must register an account with a new username and password.
  2. This account is only stored on this site.
  3. The end user is unable to save the logged in on different sites. User information cannot be shared between these sites. The Federated Authentication unites different identity providers to authenticate users through standard protocols. Federated Authentication has a strong trust relationship between these organizations. Identity providers can establish a federated relationship and can get user information from each other through standard protocols.

¶ Why do you need Federated Identity Authentication

Federated Authentication is a decentralized authentication. When a user logs in at an identity provider, the user can choose to log in to a federal identity provider trusted by the current identity provider. Users can log in to a new system through Federated Authentication without registering an account in the new organization. For example, many websites now have their registration and login methods; One way to log in is the app WeChat, it can scan codes to login directly. Among them, WeChat is the identity provider of this website. End users do not need to fill in the information to register an account and log in directly using WeChat.

Using Federated Authentication has the following benefits:

  1. Users do not have to create a new account.
  2. After accessing federation, users can switch between different organizations and sites without extra authentication.

¶ Principles of Federated Authentication

The following is the process of Federated Authentication. The end user is redirected to the federated identity for Authentication. First, the end user authenticates in the federated identity. Then, the federated identity sends an assertion to Authing, which is equivalent to the user completing the Authentication in Authing. Authing sends the assertion to the business system, and the login completes.

¶ Authing's Federated Authentication capabilities

Authing supports multiple standard protocols (opens new window) for Federated Authentication.

¶ OAuth2

Authing supports a variety of social login services, and customize OAuth2 social login.

¶ OpenID Connect

Authing supports federated authentication using OIDC。

¶ SAML2

Authing supports federated authentication using SAML2.

¶ CAS

Authing supports the use of CAS for federated authentication.

Prev: What is certification Next: What is authorization
  • Why do you need Federated Identity Authentication
  • Principles of Federated Authentication
  • Authing's Federated Authentication capabilities
  • OAuth2
  • OpenID Connect
  • SAML2
  • CAS

User identity management

Integrated third-party login
Mobile phone number flash check (opens new window)
Universal login form component
Custom authentication process

Enterprise internal management

Single Sign On
Multi-factor Authentication
Authority Management

Developers

Development Document
Framework Integration
Blog (opens new window)
GitHub (opens new window)
Community User Center (opens new window)

Company

400 888 2106
sales@authing.cn
16 / F, Block B, NORTH STAR CENTURY CENTER, Beijing(Total)
room 406, 4th floor, zone B, building 1, No. 200, Tianfu Fifth Street, Chengdu(branch)

Beijing ICP No.19051205-1

© Beijing Steamory Technology Co.