Hi Folks!
To me it seems like SAML 2.0 is on its way out and Oauth2 will be more common form of federation single sign-on. We have been using SAML for federated SSO with dozens of our business partners, but lately we are getting demands from our new business partners for Oauth2 as the federated SSO method rather than SAML.
We are in the process of upgrading our SiteMinder r12.0 systems to r12.52 and one of the main driver of this effort is to take advantages of the Oauth2 support that comes with r12.52. I struggled a bit trying to build out our r12.52 policy servers and had some good help from folks here at CA Community, which now provides us with a SiteMinder r12.52 environment to play with but I don't really know much about Oauth!
I feel quite comfortable with SAML and how to set SiteMinder up as both a SAML IDP and SP, but my goal now is to learn how to setup a test Oauth2 using our new r12.52 as the Oauth local client authenticating with my google account. I found several documentations out there that shows me how to setup SiteMinder Oauth2 authentication scheme with social media, but what I am trying to accomplish at this point is to learn how to setup SiteMinder so that SiteMinder acts as the Oauth authenticating server (SAML IDP) and request access to my Google account resource via Oauth (SAML SP). Once I figure out how to do this then eventually we will do the same with our business partners.
So for folks out there that had already worked with Oauth2 using SiteMinder r12.52, I would very much appreciate any advise you can provide and if you can point me to any resources where I can learn to start with a basic Oauth2 implementation such as setting up SiteMinder to talk to Google or Facebook account then that would be very helpful.
Thank you in advance!
Duc Tran