IAM, AuthN & AuthZ

IAM

Resources

• What is an identity provider (IdP)? | Cloudflare
• What is identity and access management (IAM)? | Cloudflare
• What is Identity Access Management (IAM)? | Microsoft Security
• What Is Attribute-Based Access Control (ABAC)? | Okta
• RBAC vs. ABAC: Definitions & When to Use | Okta

AuthN & AuthZ

Kerberos

• Quick Overview of Kerberos Authentication | by Nairuz Abulhul | R3d Buck3T | Medium

  Note that the account passwords in the previous diagram refers to the NTLM hash of the user password, not the clear-text password - as those are not stored on-desk in clear-text.

SAML

• What is SAML and how does SAML Authentication Work (auth0.com)
• SAML AuthnRequest Examples | SAMLTool.com

OAuth

• OAuth grant types | Web Security Academy (portswigger.net)
• What are the trade-offs between implicit grant flow and authorization code flow? (linkedin.com)

Authorization Code Grant

Implicit Grant

Resources

• Things to Know about Authentication/Authorization protocols! | by umang goel | Medium