Delegate authentication to an external identity provider.
When to use this pattern?
Single Sign-on in the enterprise
Federated Identity with multiple partners
Federated Identity in SaaS applications
When NOT to use this pattern?
All users of the application can be authenticated by one identity provider.
The application can't handle claims-based authentication technologies.
Considerations
The external identity provider is a single point of failure.
Role-Based Access Control (RBAC)
Claims-based authentication with an external IdP provides only basic claims, such as the user's email address and name.
If more than one identity provider is configured for the STS, the STS must determine which identity provider the user should be redirected to for authentication.