Relying Party vs Identity Provider

About

Asked 24/1, 2018 at 11:15 Answered 25/6, 2022 at 20:21

Solved authentication single-sign-on openid openid-connect

Morning; I have some issue with security terms and especially in Oauth2 and OpenID context.

To be more specific I can not understand the difference between Relying Party and Identity Provider.

I have this sentence "Since then, CA SSO 12.7 has been released with support for OIDC as an identity provider but not a relying party" What's the difference between OpenID as Identity Provider and OpenID as Relying Party?

Based in what criteria are this scenerio deployed?

Thanks

Quadrillion answered 24/1, 2018 at 11:15 Comment(0)

The spec seems to call the identity provider "OpenID Provider" or "OP" representing the authorization server that issues tokens and verifies credentials of users and clients

The relying party is the client--the app that relies on the tokens and credential-validation of the OP

See:

Froufrou answered 24/1, 2018 at 11:26 Comment(0)

Relaying Party (RP) in OpenID is basically Service Provider (SP) in OAuth. They should use the same word.

Napier answered 25/6, 2022 at 20:21 Comment(0)

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags