Recently in Authorization Category

XACML w/ OpenID Connect, SAML, OAuth and SCIM

| No Comments

At the end of Paul Madsen's presentation at CIS a couple weeks ago, he ended with a question that he also posed on Twitter:

XACML is like a fly in the ointment of  SAML, OAuth, OpenID, SCIM and the other related security standardsThe integration of SAML, OAuth, OpenID Connect, SCIM, and other neosecurity standards are relatively straightforward. The fly in the ointment though is XACML. How does it fit w/ all these other security specs? Matt Topper offered his thoughts in reply to Paul's tweet:

When I borrowed a similar deck from Paul for a recent presentation in London, I left off w/ the same question. I was followed that day by David Brossard, VP of Product Management at Axiomatics, a company specializing in XACML who we've since partnered w/. Him and I talked about Matt's point in the blogosphere a couple years ago and discussed these things more that day. After all these conversations and time, let me try to summarize my current thinking on how XACML integrates with protocols like SAML, OAuth, and OpenID Connect.