Both should be straightforward to set up at the IDP level and on the Reltio side. Some limitations are: if you are planning to maintain roles on the IDP side, please ensure you apply a filter to send only specific roles in the OAUTH mode, as there is a limitation on the size of tokens.
SAML does not have many limitations; however, the SAML certificate has a defined expiry date, which might require updating the connection as per the expiry time of the certificate.
------------------------------
Gowthamprabhu Sivaraj
AstraZeneca
------------------------------
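An added example, not part of the thread and not Reltio's or any identity provider's code, for the role-filter point in the reply above: it measures how a roles claim inflates a signed token and how filtering shrinks it. The claim name `roles`, the `RELTIO_` prefix, the role names and the 4096-byte budget are assumptions; the thread gives no size figure.

```python
import base64, hashlib, hmac, json

# Assumptions (not from the thread): claim name "roles", role prefix
# "RELTIO_", and a 4096-byte token budget.
ROLE_PREFIX = "RELTIO_"
TOKEN_BUDGET_BYTES = 4096

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_token(claims: dict, key: bytes = b"constructed-demo-key") -> str:
    """Build an HS256-signed JWT so the measured size has a real token's shape."""
    header = b64url(json.dumps({"alg": "HS256", "typ": "JWT"},
                               separators=(",", ":")).encode())
    body = b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{body}".encode(), hashlib.sha256).digest()
    return f"{header}.{body}.{b64url(sig)}"

def filter_roles(claims: dict, prefix: str = ROLE_PREFIX) -> dict:
    """Model the IdP-side filter: keep only roles the relying party needs."""
    kept = [r for r in claims.get("roles", []) if r.startswith(prefix)]
    return {**claims, "roles": kept}

def size_report(claims: dict) -> dict:
    """Compare token size with and without the role filter against the budget."""
    full = make_token(claims)
    slim = make_token(filter_roles(claims))
    return {
        "unfiltered_bytes": len(full),
        "filtered_bytes": len(slim),
        "unfiltered_fits": len(full) <= TOKEN_BUDGET_BYTES,
        "filtered_fits": len(slim) <= TOKEN_BUDGET_BYTES,
    }

# Constructed sample: a user in 300 unrelated directory groups plus three
# hypothetical application roles (not actual Reltio role names).
SAMPLE_CLAIMS = {
    "sub": "user@example.com",
    "iss": "https://idp.example.com",
    "roles": [f"CORP_APP_GROUP_{i:04d}_READERS" for i in range(300)]
             + ["RELTIO_ADMIN", "RELTIO_DATA_STEWARD", "RELTIO_READ_ONLY"],
}

if __name__ == "__main__":
    print(size_report(SAMPLE_CLAIMS))
```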
Original Message:
Sent: 06-26-2023 14:38
From: Nikhil Ramchandani
Subject: Reltio SSO SAML vs OIDC
Thanks, Gowthamprabhu. This was helpful.
But a follow-up question, in terms of setup effort for the SSO or in terms of user experience with the 2 SSOs, are there any nuances we need to be aware of?
We are trying to decide which one we should use for our setup and don't know if there is a way to identify which one is better suited for us.
------------------------------
Nikhil Ramchandani
Consultant
ZS Associates
Original Message:
Sent: 06-26-2023 13:29
From: Gowthamprabhu Sivaraj
Subject: Reltio SSO SAML vs OIDC
Both are types of identity federation.
OIDC works on token-based authentication and SAML works based on assertions.
If you are using SAML, Reltio will convert it into OAUTH internally using Cognito and make use of OAUTH.
If you are using OAUTH, your identity provider's configuration can be directly embedded into Reltio.
Both protocols are supported by most identity providers. One comment on using SAML in Reltio is that it takes the email as the default username and there is no way to customize it. But if you are using OAUTH, you can specify which attribute needs to be mapped as the username in Reltio.
------------------------------
Gowthamprabhu Sivaraj
AstraZeneca
Original Message:
Sent: 06-26-2023 13:22
From: Nikhil Ramchandani
Subject: Reltio SSO SAML vs OIDC
Hi folks,
Does anyone know what the difference is between the two Reltio SSO options, SAML and OIDC (based on OAuth 2.0), and which one would you use?
------------------------------
Nikhil Ramchandani
------------------------------