Skip to main content

Overview

In this section, we will show you how to connect your application to SetherAuth.

As a Service Provider (SP), SetherAuth supports two authentication protocols:

  • OAuth 2.0 (OIDC)
  • SAML

As an Identity Provider (IdP), SetherAuth supports four authentication protocols:

  • OAuth 2.0
  • OIDC
  • SAML
  • CAS 1.0, 2.0, 3.0

OAuth 2.0 (OIDC)

What is OAuth 2.0?

OAuth 2 is an authorization framework that enables applications — such as Facebook, GitHub, and SetherAuth — to obtain limited access to user accounts on an HTTP service. It works by delegating user authentication to the service that hosts a user account and authorizing third-party applications to access that user account. OAuth 2 provides authorization flows for web and desktop applications, as well as mobile devices.

SetherAuth's authorization process is built upon the OAuth 2.0 protocol. We recommend using the OAuth 2.0 protocol for the following reasons:

  1. The protocol is simple and easy to implement, and can solve many scenarios.
  2. It has a high maturity level and extensive community support.

Therefore, your application will communicate with SetherAuth via OAuth 2.0 (OIDC). There are three ways to connect to SetherAuth:

Standard OIDC client

Standard OIDC client: Use a standard OIDC client implementation, which is widely provided in any programming language or framework.

What is OIDC?

OpenID Connect (OIDC) is an open authentication protocol that works on top of the OAuth 2.0 framework. Targeted toward consumers, OIDC allows individuals to use single sign-on (SSO) to access relying party sites using OpenID Providers (OPs), such as an email provider or social network, to authenticate their identities. It provides the application or service with information about the user, the context of their authentication, and access to their profile information.

SetherAuth fully supports the OIDC protocol. If your application is already using another OAuth 2.0 (OIDC) identity provider via a standard OIDC client library, and you want to migrate to SetherAuth, using OIDC discovery will make it very easy to switch to SetherAuth.

SetherAuth SDKs

SetherAuth SDKs: For most programming languages, SetherAuth provides easy-to-use SDK libraries on top of OIDC, with extended functionality that is only available in SetherAuth.

Compared to the standard OIDC protocol, SetherAuth's SDK provides more functionalities, like user management and resource uploading, among others. Connecting to SetherAuth via the SetherAuth SDK requires more time than using a standard OIDC client library, but it offers the best flexibility and the most powerful API.