I’m slightly confused between SSO, OAuth2, etc. so I tried to create a simple chart to get a general understanding. Is this correct?
[I’m not a developer but I need to understand this to make some decisions - thanks!]
I’m slightly confused between SSO, OAuth2, etc. so I tried to create a simple chart to get a general understanding. Is this correct?
[I’m not a developer but I need to understand this to make some decisions - thanks!]
Yes, that’s pretty much it.
For reference here are exemplar login sequences without SSO - note that Discourse has to understand how to interface with each possible backend:
Here is an example with SSO - note that Discourse only communicates with a Single system - whatever happens behind that (username/password, oAuth2, fingerprints, RFID card, blood sample, retinal scanner) is of no concern to Discourse:
Great, thank you, very helpful!
Another helpful discussion regarding SSO and the levels of spam protection, linked here for reference