What is Claims-Based Identity, and Why Should You Care?
There are many features in a typical secure application, three of the most common being:
- Authentication: “Who are you?”
- Authorization: “Are you allowed to do this?”
- Personalization: “How can I personalize your experience?”
This guide will introduce you to “claims-based” identity, a set of ideas and tools that may make it easier for you to build features like these into your apps in a more flexible way. In this guide, we’ll introduce some concepts that may sound new: claims, federated identity, and much more. But many of the ideas presented here have been floating around for a long time.
The protocols we’ll show in this guide have a similar flavor to Kerberos, one of the most broadly accepted authentication protocols in use today (used in Active Directory for example). WS-Federation, SAML, and other federated identity protocols have been incubating for this entire decade. This is really not so new after all, but it does require a new way of thinking as we move toward a better architecture for identity in applications.
Claims based identity is specially compelling for applications that are deployed to the cloud. This Guide covers such scenarios."