Hello there!

Need Help? We are right here!

support
miniOrange Email Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Single Sign On (SSO) using OAuth
miniOrange allows an enduser to login to our portal with approval of resource-owner or enduser using their Google, Facebook or Twitter accounts.

What is OAuth?

OAuth (Open Authorization) is an open standard for token-based authentication and authorization which is used to provide single sign-on (SSO).

OAuth allows an end user's account information to be used by third-party services, such as Facebook, without exposing the user's password. It acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared.

OAuth 1.0 vs. OAuth 2.0

OAuth 1.0 OAuth 2.0
OAuth 1.0 used complicated cryptographic requirements. OAuth 2.0 is faster and easier to implement.
It requires to encrypt the OAuth token on the endpoints. OAuth tokens no longer need to be encrypted on the endpoints in 2.0 since they are encrypted in transit.
OAuth 1.0 only supported three flows, and did not scale. OAuth 2.0, on the other hand, has six flows for different types of applications and requirements, and enables signed secrets over HTTPS.

Why OAuth?

OAuth is a slightly newer standard that was co-developed by Google and Twitter to enable streamlined internet logins. OAuth uses a similar methodology as SAML to share login information. SAML provides more control to enterprises to keep their SSO logins more secure, whereas OAuth is better on mobile and uses JSON.Facebook and Google are two OAuth providers that you might use to log into other internet sites.

SAML vs. OAuth

SAML OAuth
SAML uses XML to send Messages. OAuth uses JSON.
SAML is more into enterprise security. OAuth 2.0 for Native and Mobile Apps.
SAML uses session cookie in a browser that allows a user to access certain web pages. OAuth uses API calls extensively so mostly it used to provide a better experience in mobile applications, modern web applications, game consoles, and the Internet of Things (IoT) devices.

OAuth Protocol Flow Diagram:

OAuth - miniOrange OAuth Single Sign-On (SSO) Flow:

Let us take an example to show you how to implement OAuth as a Consumer:

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com