【Security】Authentication（身份认证）- OpenID Connect (OIDC)

OpenID Connect (OIDC) OpenID Connect（简称 OIDC）是一个基于 OAuth 2.0 协议的身份认证层，它允许客户端应用程序验证用户的身份，并获取用户的基本信息（称为 profile 信息） ...

Posted by Wei on 2025-05-22, Last Modified on 2025-05-23

【Security】Authorization（授权）- OAuth 2

Background

为了理解OAuth的适用场合，让我举一个假设的例子。

有一个"云冲印"的网站，可以将用户储存在Google的照片，冲印出来。用户为了使用该服务，必须让"云冲印"读取自己储存在Google上的照片。

...

Posted by Wei on 2025-05-22, Last Modified on 2025-05-23

【Security】Identity and Access Management (IAM) - Authentication（身份认证）和 Authorization（授权）

Identity and Access Management (IAM)

Identity and access management (IAM or IdAM for short) is a way to tell who a user is and what they are allowed to do. IAM is like the bouncer at the door of a nightclub with a list of who is allowed in, who isn’t allowed in, and who is able to access the VIP area. IAM is also called identity management (IdM).

...

Posted by Wei on 2025-05-22, Last Modified on 2025-06-02

【Security】Single Sign-On（SSO，单点登录）

Single Sign-On（SSO) Single sign-on (SSO) is a service that enables users to authenticate only once. Users sign in to the SSO service, which then passes on this authentication to every application by sending a digital authentication message to each application as needed. It should not be confused with same-sign on (Directory Server Authentication), often accomplished by using the Lightweight ...

Posted by Wei on 2025-05-22, Last Modified on 2025-05-23

【Engineering】Diagram

...

Posted by Wei on 2025-04-21, Last Modified on 2025-05-23

西维蜀黍

【Security】Authentication（身份认证）- OpenID Connect (OIDC)

【Security】Authorization（授权）- OAuth 2

Background

【Security】Identity and Access Management (IAM) - Authentication（身份认证）和 Authorization（授权）

Identity and Access Management (IAM)

【Security】Single Sign-On（SSO，单点登录）

【Engineering】Diagram

FEATURED TAGS

ABOUT ME

FRIENDS