First-generation protocols
The first claims-based protocols appeared in the early 2000s. Two of these protocols are still supported and heavily used by Azure Active Directory and Windows Server Active Directory. These two protocols are SAML and WS-Federation. Both are used to provide cross-domain Single Sign-On (SSO), which is a scenario that the authentication protocols that were popular at that time didn't handle very well, such as username and password authentication. To handle these scenarios, cookies, a very popular and widely used mechanism, were used.
In the next section, we are going to look at SSO in more detail.
Single sign-on
With SSO, users can sign into several related but independent systems or applications by using a single username and password. True SSO allows the user to sign in only once and then access services without re-entering their authentication credentials, such as their username and password. The simplest form of SSO can be achieved over IP...
