Authorization and Authentication Protocols

This post summarizes some authentication and authentication protocols.

List of Authorization and Authentication Protocols

Authorization and Authentication Protocols

  • LADP
  • SAML
  • OAuth
  • OpenID Connect
  • Kerberos
  • WS-Federation


Lightweight Direct Access Protocol (LDAP) is usually used to manage resources.


Security Access Markup Language (SAML), for authentication. HTTP or HTTPS protocol.

SAML allows to manage identities between applications.


OAuth for authorization. Identify machines between them.

OpenID Connect

OpenID Connect is used for user authentication.

OpenID Connect for authentication.

HTTP or HTTPS protocol. It is built over OAuth 2.0.

It works with ID token and Access token.


There are different attacks on Kerberos:

  • Pass the hash
  • Pass the ticket
  • Golden ticket
  • Kerberoastin
  • Asreproast


WS-Federation, for authentication. HTTP or HTTPS protocol.

Identity Products

Identity Products:

  • Azure Active Directory
  • Sailpoint

Azure Active Directory

Azure Active Directory, also known as Azure AD, does not use Kerberos authentication; instead, it uses HTTP and HTTPS protocols such as SAML, WS-Federation, and Open ID Connect for authentication

Leave a Reply

Your email address will not be published. Required fields are marked *