Glossary

Terms and definitions for Sensedia Access Control

A

| Term | Definition |
| --- | --- |
| Access Token | Tokens that contain security credentials with information identifying the client, user (or group of users), and their privileges. The token bearer has authorization to access that API's data. |
| Authentication | Process of confirming an entity's identity (e.g., user), based on some type of proof or validation. This sign-in process verifies the identity of the entity requesting access to a website or web service. Entities can be people or an agent representing an API request. |
| Authorization | Process of granting or denying permission for an entity (e.g., user) to access a resource or service or to perform an action. |
| Authorization Server | Server that enforces access policies, issuing Access Tokens to the client application (e.g., web application), after obtaining authorization from the Resource Owner (e.g., user). |

C

| Term | Definition |
| --- | --- |
| CORS | CORS (Cross-origin resource sharing) is a mechanism that allows a server to indicate any origins (domain, scheme, or port) other than its own from which a browser should allow loading of restricted resources. Web pages can thus embed resources (images, stylesheets, scripts, iframes, and videos) from a server in another domain (another origin). |

E

| Term | Definition |
| --- | --- |
| Endpoint | The URLs used when Service Providers and Identity Providers communicate. |
| Entity ID | A unique identifier used to represent an entity, such as Identity Providers or Service Providers. Also called Identity Provider Issuer in Okta applications. |

F

| Term | Definition |
| --- | --- |
| Federated Identity | Identification that allows a user to have their attributes stored across multiple distinct platforms (identity management systems). This enables users from one domain to securely access data from other domains without redundancy in user administration. Some technologies used by Federated identity: SAML, OAuth, OpenID, Security Tokens, among others. |
| Federated Login | Process that unifies login (access and user management) through federated identities. |

I

| Term | Definition |
| --- | --- |
| Identity and Access Management (IAM) | Deals with authentication, authorization, and access control to determine which resources users (or groups of users) can access and which roles they can execute. |
| Identity Provider (IdP) | Service that manages user accounts, validating a user's identity in a federated system. The Service Provider obtains the user's identity through the IdP. |

L

| Term | Definition |
| --- | --- |
| LDAP | LDAP (Lightweight Directory Access Protocol) is a protocol that interacts with directory servers and allows applications to perform searches quickly. LDAP enables users to authenticate only once and access different server files. |

M

| Term | Definition |
| --- | --- |
| Metadata | A set of information provided by the IdP to the SP, or vice versa, in XML format. |
| Multi-Factor Authentication (MFA) | Method that verifies the identity of the user performing a sign-in. Access is granted only after the user has been authenticated by at least two different mechanisms, for example: access password and code generated by an application. |

N

| Term | Definition |
| --- | --- |
| NameID | Indicates how users in an identity provider are mapped to users in service providers during a Single Sign-on process. |

O

| Term | Definition |
| --- | --- |
| OAuth 2.0 | OAuth (Open Authorization) is a standard online authorization protocol that allows an application or website to authenticate to another on behalf of a user. Access is limited and credentials are not exposed. |
| OpenID Connect (OIDC) | An authorization protocol based on OAuth 2.0. OpenID Connect uses OAuth 2.0 for authentication and authorization and then creates and assigns unique identities for each user. |

R

| Term | Definition |
| --- | --- |
| Resource Owner | Entity capable of providing access to a restricted resource. |
| Resource Server | Server that hosts restricted resources. Handles authentication requests from an application that has an access token. |
| Roles | Allow controlling user permissions and managing access according to your company's security needs and policies. |

S

| Term | Definition |
| --- | --- |
| SAML | Security Assertion Markup Language (SAML) is a protocol used to integrate authentication and authorization functions between multiple systems. It enables Single Sign-On in browsers. |
| Service Provider (SP) | SAML Service Provider is the resource or service (application) that the user wants to access. |
| Single Sign-On | Authentication scheme that allows a user to log in to multiple independent systems using a single ID and password. This is usually enabled by LDAP. |

T

| Term | Definition |
| --- | --- |
| Teams | Allow creating and managing user teams for Sensedia products. |
