OpenID Connect meets SAML and Shibboleth

Will the up and coming OpenID Connect (OIDC) displace the established Security Assertion Markup Language (SAML)? In some domains, it already has, thanks to the wide availability of implementations for many programming languages. It also offers an easy solution for delegating access to protected resources, something that is possible with SAML but more difficult to realise, and is a typical use case for mobile applications today. However, OIDC has no concept of a “federation”, i.e. a private group of entities who trust each other, and that is a big drawback to adoption in a federated context like research and education. In this article, we will look into a few initiatives that seek to bridge the gap between the two realms. Continue reading “OpenID Connect meets SAML and Shibboleth”