Federated Identity enables Single Sign-On across different systems, domains, and organizations. Learn how it works, what protocols are involved, and how trust is brokered between Identity Providers and applications.
Authentication
8 posts
Active Directory and Azure AD both manage identities in Microsoft environments—but they serve very different purposes. This blog breaks down how they work, where they differ, and when to use each in modern application architecture.
LDAP is still widely used for centralized authentication and user directories in enterprise systems. This post breaks down how it works, how it compares to modern identity solutions, and how to integrate it as a developer.
OpenID Connect adds identity on top of OAuth 2.0. Learn how it works, when to use it, and how to implement secure login flows using Spring Security.
OAuth 2.0 is the backbone of modern authorization. Learn how it works, which flows to use, and how to implement OAuth securely using Spring Security.
Explore the core differences between session-based and token-based authentication. Understand the technical design, implementation trade-offs, and how Spring Security supports both approaches.
Authentication identifies who a user is. Authorization defines what they’re allowed to do. Learn the technical distinctions with Spring Security examples to apply these concepts in your applications.
Kick off your journey into Application Security with this visual overview of modern authentication, authorization, and identity protocols. From OAuth to LDAP, this series maps out everything you need to build secure, user-aware applications.