At a high level, there are four items that we will focus on in this guide for the integration stage:
- Authentication - How a user is authenticated and their identity validated
- User Profile - How the user's identity attributes are provided
- Authorization & Access Control - How an application can enforce authorization decisions based on the security token
- Session Management - How to start, end, revoke and refresh a users session
There are a number of additional considerations that should also be taken into account (for example federated user provisioning) however, this guide will focus on the SSO activity.