Conventionally, "authn" means authentication, "authz" means authorization, and plain old "auth" doesn't mean anything in particular.
I don't think it makes sense to blame SAML for the awkwardness of using the passive browser sign-in scenario for something for which it was not designed. There are other profiles and other protocols available from any competent security token service.
Also bear in mind there is a tremendous amount of confusion around the SAML terminology, which can mean the token format, or the protocol for exchanging authentication request messages, which are entirely separate things.
2 comments
[ 2.7 ms ] story [ 17.2 ms ] threadConventionally, "authn" means authentication, "authz" means authorization, and plain old "auth" doesn't mean anything in particular.
I don't think it makes sense to blame SAML for the awkwardness of using the passive browser sign-in scenario for something for which it was not designed. There are other profiles and other protocols available from any competent security token service.
Also bear in mind there is a tremendous amount of confusion around the SAML terminology, which can mean the token format, or the protocol for exchanging authentication request messages, which are entirely separate things.