Explanation: SAML (Security Assertion Markup Language) is a service that is used to provide authorization between the Identity Provider (IdP) and the application. SAML is an XML-based open standard for transferring identity data between two parties: an IdP and a service provider (SP). The IdP performs authentication and passes the user’s identity and authorization level to the SP. The SP then grants or denies access to the application based on the user’s credentials and permissions. SAML enables single sign-on (SSO) and federated identity management across different domains and platforms.
OAuthv2 is not a service, but a protocol for authorization that allows a user to grant a third-party application access to their resources without sharing their credentials. OAuthv2 relies on tokens that are issued by an authorization server and used by the client application to access the protected resources. OAuthv2 does not provide authentication or identity information, but it can work with other services, such as OpenID Connect, to achieve that.
Active Directory Federation Services (ADFS) is a Microsoft service that provides SSO and identity federation capabilities for Windows-based environments. ADFS uses SAML as the default protocol to communicate with other IdPs and SPs. ADFS can also support other protocols, such as WS-Federation and OAuthv2.
Identity Service (IdS) is a generic term for a service that manages and verifies user identities. An IdS can use different protocols and standards, such as SAML, OAuthv2, OpenID Connect, or LDAP, to provide authentication and authorization services. An IdS can be an IdP, an SP, or both, depending on the context and the role it plays in the identity federation process.
References: What is SAML and how does SAML Authentication Work, Identity Providers and Service Providers, What is an identity provider (IdP)?
