At a high level, there are four items that we will focus on in this guide for the integration stage:

  • Authentication - How a user is authenticated and their identity validated
  • User Profile - How the user's identity attributes are provided
  • Authorization & Access Control - How an application can enforce authorization decisions based on the security token
  • Session Management - How to start, end, revoke and refresh a users session

There are a number of additional considerations that should also be taken into account (for example federated user provisioning) however, this guide will focus on the SSO activity.