The purpose of this article is to be an overview of how the concerns of Authentication & SSO come together to plug into Authorization (mainly in the scope of API authorization). Application Architectures utilize industry standard protocols and patterns necessary to work together in all applications such as B2C, B2B, and B2E. The primary audience of this document is application architects and application security architects. However, those in the Identity and Access Management space will also find the concepts presented here apply to them.
Web Application and Mobile Thick Client Authentication Strategy
User Authentication and Authorization across web applications (both mobile and non-mobile) for all application realms (B2C, B2B, and B2E) should focus on SSO (Single-Sign-On). Web applications authenticate users using an Identity Provider that supports the standard like SAML2 and OAuth2. In addition, all mobile (Phone or Tablet) thick applications should authenticate their users by utilizing an Identity Provider that supports the industry standard OAuth2 Protocol.
Read the original article: