All you need to know about login (SSO, LDAP, SAML, OAuth, OpenID)

I was recently asked this question again: “What is the difference between authentication and authorization?”

LORY
Aug 27, 2023

Let’s touch on all of them in this single post: a walkthrough in 10 mins.

Back to the old-school

A quick explanation.

Login: Authentication (Who you are). Before accessing any resource, you need a “token”. And of course, before you can log in, you need to register first.

Token generation and verification: Authorization (What you can do). This is the step after logging in or renewing a token (using a refresh token). The token, which is stored in the DB (or in a standalone IdP, depending on the design), is valid for a certain time window.

So what is a token? You can think of it as “an encrypted identity within a time window”. You can also treat it as either of the following:

  • A movie or whatever ticket when watching a show
  • A “day pass” when you enter a building
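The old-school flow described above, as an added example that is not from the original post: registration, login, the per-request token check and renewal, run against an in-memory stand-in for the database. The function names, the 15-minute and 24-hour windows, and the choice of an opaque random token with PBKDF2 password hashing are assumptions made for illustration.

```python
import hashlib, hmac, secrets, time

ACCESS_TTL, REFRESH_TTL = 15 * 60, 24 * 3600   # assumed validity windows (seconds)
users = {}    # username -> (salt, password hash); stands in for the user table
tokens = {}   # sha256(token) -> (username, kind, expires_at); the token table

def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

def _digest(token):
    # Only a hash is stored, so a leaked token table cannot be replayed.
    return hashlib.sha256(token.encode()).hexdigest()

def _issue(username, kind, ttl, now):
    token = secrets.token_urlsafe(32)            # opaque random value
    tokens[_digest(token)] = (username, kind, now + ttl)
    return token

def _lookup(token, kind, now):
    row = tokens.get(_digest(token))
    if row is None or row[1] != kind or now >= row[2]:
        return None                              # unknown, wrong kind, or expired
    return row[0]

def register(username, password):
    salt = secrets.token_bytes(16)
    users[username] = (salt, _pw_hash(password, salt))

def login(username, password, now=None):
    """Authentication: check the password, hand out an access/refresh pair."""
    now = time.time() if now is None else now
    salt, stored = users.get(username, (b"\0" * 16, b""))
    if not hmac.compare_digest(_pw_hash(password, salt), stored):
        return None
    return (_issue(username, "access", ACCESS_TTL, now),
            _issue(username, "refresh", REFRESH_TTL, now))

def verify(access_token, now=None):
    """Token check on every request: returns the username or None."""
    return _lookup(access_token, "access", time.time() if now is None else now)

def refresh(refresh_token, now=None):
    """Renewal: trade a valid refresh token for a new pair; the old one is revoked."""
    now = time.time() if now is None else now
    user = _lookup(refresh_token, "refresh", now)
    if user is None:
        return None
    del tokens[_digest(refresh_token)]           # refresh tokens are single use
    return (_issue(user, "access", ACCESS_TTL, now),
            _issue(user, "refresh", REFRESH_TTL, now))
```

Every application that owns its login has to carry this code, the password table and the token table itself.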

The problem with the traditional flow above is that it reinvents the wheel. Let’s think about 2 cases.

  • Company system (every company will have to build its own login)
