Identity Protocols Deep Dive: SAML, OAuth 2.0, OIDC & WS-Fed Explained

A detailed examination of four key Identity and Access Management (IAM) protocols: SAML 2.0, WS-Federation, OAuth 2.0, and OpenID Connect (OIDC). The content addresses the fundamental differences between Authentication (AuthN) and Authorization (AuthZ) within enterprise systems. The discussion includes analysis of data flows and real-world implementation examples for each protocol.

Specific focus is placed on SAML 2.0, analyzing the Service Provider (SP)-Initiated flow and XML assertions, often utilized for enterprise Single Sign-On (SSO). WS-Federation, a protocol associated with Microsoft environments like SharePoint and Active Directory Federation Services (AD FS), is also explored. Further segments cover OAuth 2.0 for delegated access, particularly the Authorization Code flow, and OpenID Connect as a modern identity layer built upon OAuth 2.0.

This technical overview is intended for System Administrators, Developers, and IT Security professionals seeking to understand the structure and application of these identity protocols.