4

The Wikipedia article says

Other shared authentication schemes not to be confused with SSO include OAuth, OpenID, OpenID Connect and Facebook Connect, which require the user to enter their login credentials each time they access a different site or application.

but I've seen OpenID and SAML compared as if they are trying to achieve the same thing (the above article says SAML is an SSO mechanism).

Can someone explain why OpenId is not an SSO mechanism?

Community
  • 1
  • 1
Can't Tell
  • 12,714
  • 9
  • 63
  • 91

1 Answers1

7

Forget about that article, that's the most confusing story around SSO I've ever read, containing statements that are plain wrong.

OpenID is an SSO mechanism, just like SAML, OpenID Connect and Facebook Connect. LDAP and OAuth are not SSO mechanisms, but one could build an SSO mechanism on top of OAuth, which is what OpenID Connect and Facebook Connect are.

Hans Z.
  • 50,496
  • 12
  • 102
  • 115