Sascha Preibisch

OAuth vs. LDAP

Blog Post created by Sascha Preibisch Employee on Oct 18, 2016

On Twitter I have read about a company that asked the question:

 

Are you using OAuth or LDAP?

 

That of course is nonsense! One does not replace the other or takes on its role.

 

OAuth is an authorization framework! Its not made to authenticate users, its meant to have a user (resource_owner) authorize a client to access certain resources (simplified, and depending on the flow, I know ...). The user certainly has to be authenticated during that process. The user authentication may be done against an LDAP server!

 

Update (18. Oct. 2016)

 

I realized that this topic seems to be quite popular for many people. For that reason I have created a graphic trying to emphasize the relationship between OAuth and LDAP visually. It is simple but it may still helps.

 

OAuth vs. LDAP

 

Please leave  comment for questions or suggestions.

Outcomes