+1 vote
asked Sep 22, 2015 in Computer Science - IT by AKHIL | 91 views

1 Answer

0 votes

I assume you need a comparison between SAML and OAuth in Single Sign On 

Security Assertion Markup Language (SAML) is an XML standard that allows secure web domains to exchange user authentication and authorization data. Using SAML, an online service provider can contact a separate online identity provider to authenticate users who are trying to access secure content.

For example :
Google Apps offers a SAML-based Single Sign-On (SSO) service that provides partner companies with full control over the authorization and authentication of hosted user accounts that can access web-based applications like Gmail or Google Calendar.

But ,
OAuth (Open Authorization) is a standard for authorization of resources. It does not deal with authentication.

Explanation with example :


Let’s say we have a sales executive who wants access to the contact details of his top 500 accounts from saleforce.com on his mobile phone. The application developers use OAuth in writing the application, as Salesforce.com uses OAuth. When the user logs in for the first time to the application, they sign in using OAuth, which establishes trust between your application and Salesforce.com (federated identity). Once the trust has been established, the application can act as the user within Salesforce.com – and depending on the access granted can read or write data back to Salesforce.com.

Popular cloud service providers such as Google, Salesforce.com and Dropbox use OAuth to enable enterprise applications to use their services.


Let’s say your accounting team executive needs access to your custom accounting software, the bank account and an ERP database. These applications need to be able to communicate with each other using a common authentication scheme to provide a seamless user experience that enables one login to provide access to all the parts of the online banking web portal. SAML provides the agreement and authentication between the unrelated systems to accomplish this. And, SAML doesn’t only do single sign-on, but it also has authorization services and back office transaction capabilities. SAML works with nearly any application with APIs – custom or not to provide these services. The SAML Web SSO Profile provides the ability for users to access multiple applications with a single set of credentials entered once.

While cloud computing may be still be confusing to many end users, hopefully this high level overview of SAML and OAuth can help you decide which you need to implement and when each is best used in your organization. The proper implementation of each standard is often invisible to your users, but each has its own use case.

Summary :

Both have pros and cons between them.It would depend on your implementation method.

Hope that clears your doubt :)

References :




answered Sep 22, 2015 by slow_learner