OpenID Connect / SAML SSO

Definition

Single Sign-On (SSO) allows a one-time login against an Identity Provider (IdP) followed by token-based access to multiple applications. SAML 2.0 is an XML-based protocol that is especially widespread in enterprise environments. OpenID Connect (OIDC) is a modern authentication layer on top of OAuth 2.0 that uses JSON Web Tokens. Both protocols support central user management, role mapping, and offboarding.

How Swiss Knowledge Hub uses this term

Swiss Knowledge Hub relies on NextAuth-based authentication in the standard product. A full SAML or OIDC SSO integration with identity providers such as Microsoft Entra ID, Google Workspace, or Keycloak is currently not part of the standard scope and can be evaluated as part of an Enterprise or Custom engagement.

Related terms

• Zero trust
• Workspace / tenant
• Audit log

Sources

1. OpenID Connect Core 1.0 — https://openid.net/specs/openid-connect-core-1_0.html
2. OASIS — SAML 2.0 Specifications — https://www.oasis-open.org/standard/saml/