I'm looking at the protocols supported for purpose of comparison.
|
|
Identity Server 3
|
Azure AD
|
ADFS 3.0
(2012 R2)
|
ADFS 4.0? (2016 vNext)
|
|
|
|
|
|
|
|
Authenticate against
|
In Memory
ASP.NET Identity
Membership Reboot
(interface can be extended to any repository)
|
Azure AD Graph
|
AD
|
AD
LDAP v3
SQL Server
|
|
|
|
|
|
|
|
WS-Federation
|
Y
(via Katana extension)
|
Y
|
Y
|
Y
|
|
|
|
|
|
|
|
SAML 2.0
|
Y
(via Katana extension)
|
Y
|
Y
|
Y
|
|
|
|
|
|
|
|
OpenID Connect
|
Y
|
Y
|
N
|
Y
|
|
|
|
|
|
|
|
OAuth 2.0
|
Y
All profiles
|
Y
All profiles
|
Y
Authorisation Code Grant confidential client profile only
|
Y
All profiles
|
|
|
|
|
|
|
|
Social
|
Google
Twitter
Facebook
(can be extended via Katana extension)
|
Azure ACS / B2C
|
Via federation with Azure ACS / B2C
|
Via federation with Azure ACS / B2C
|
Azure ACS = Windows Live / Google / Yahoo / Facebook
Azure B2C = Facebook / Google+ / Amazon / Linkedin
As you can see, IS compares really well and offers a wider selection than ADFS 3.0.
See also: IdentityServer : The power of extensibility
Enjoy!
1 comment:
I've recently weighed the costs of going with ADFS/Azure AD or Identity Server. Maybe good to point out with IS you can store your claim data wherever you want, but not so with ADFS. Doesn't help much when you need to adjust auth rights at runtime.
Post a Comment