outbound

Glossary

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

The direction of transaction flow from a service or server.

Kerberos

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

A network authentication protocol to provide strong authentication for client/server applications using symmetric key cryptography and a trusted authentication service (Key Distribution Center). The Key Distribution Center (KDC) authenticates the client and issues tickets allowing access to the server. Kerberos is the default authentication technology used by Microsoft.

Kerberos ticket

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

Issued to an authenticated client to allow access to a server on the network.

Key Distribution Center (KDC)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

The Kerberos Key Distribution Center (KDC) authenticates the client and issues tickets allowing access to a server on the network.

Key Distribution Center

KDC

key size

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

The length in bits for a key used by a cryptographic algorithm.

key pair

Page created: 22 Sep 2020 |
Page updated: 13 Sep 2022

The private key and public key represented by a certificate.

Kubernetes

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

An open-source system for automating deployment and management of containerized applications.

LDAP Data Interchange Format (LDIF)

Page created: 22 Sep 2020 |
Page updated: 21 Jul 2022

An IETF standard file format for representing LDAP directory content and modifications to directory content. Typically used to import and export LDAP-based directory information.

LDIF

Lightweight Directory Access Protocol (LDAP)

Page created: 22 Sep 2020 |
Page updated: 21 Jul 2022

An open, cross-platform protocol used for interacting with directory services.

LDAP

magic link

Page created: 29 Nov 2022 |
Page updated: 29 Nov 2022

A passwordless authentication method that involves the authentication service sending a single-use sign-on link to the user by email or SMS.

message authentication code (MAC)

Page created: 25 Sep 2020 |
Page updated: 7 Jul 2022

A generated code that authenticates a message’s sender and content.

MAC

metadata

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

A summary description of referenced data.

multi-factor authentication (MFA)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

An electronic authentication method where a user is granted access only after presenting two or more verification factors for authentication.

MFA

network access server (NAS)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

A server accessible using a point-to-point protocol connection that acts as a gateway between an external network and an internal network. Typically used by RADIUS clients.

NAS

OAuth

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

A standard framework that enables an application (OAuth client) to obtain access tokens from an OAuth authorization server for the purpose of retrieving protected resources on a resource server.

OAuth authorization server (AS)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

The authorizing service in an OAuth framework that issues and manages access tokens for clients to access protected resources.

OAuth AS

OAuth client

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

The application in an OAuth framework that requests access to resources. If the request is approved by the authorization server, the client is issued an access token for the resources.

Online Certificate Status Protocol (OCSP)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

The protocol used by Certificate Authorities (CAs) to check the revocation status of an X.509 certificate.

OCSP

one-time passcode (OTP)

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

A passcode valid for only one sign-on or transaction on a computer system or other digital device. Also known as a one-time password, one-time PIN, or dynamic password.

OTP

opaque

Page created: 22 Sep 2020 |
Page updated: 7 Jul 2022

Not readable. If a user's subject identifier is opaque, an SSO partner cannot directly identify the user with reference to the source. A persistent identifier, or pseudonym, can be used for account linking.

OpenID Connect (OIDC)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

An authentication protocol built on top of OAuth that authenticates users and enables clients (relying parties) of all types to request and receive information about authenticated sessions and users. OIDC is extensible, allowing clients to use optional features such as encryption of identity data, discovery of OpenID Providers (OAuth authorization servers), and session management.

OIDC

OpenID Provider (OP)

Page created: 22 Sep 2020 |
Page updated: 21 Sep 2021

In OAuth terms, an authorization server (AS). The OP/AS issues access tokens to protected resources for approved clients (relying parties). The clients use the access token to access the protected resources hosted by the OAuth resource server.

OP

orchestration

Page created: 26 Jan 2022 |
Page updated: 7 Jul 2022

An orchestration platform visually maps user experiences as no-code, drag-and-drop visual flows, which help determine how many screens might be needed, the order in which they should appear, and the components required for each experience.