Identity and Access Management (IAM) allows you to leverage SAML-based Web Single
Sign-On (SSO) and OAuth API authorization in Address Manager.
With SAML-based Web SSO in Address Manager, all user login credentials are authenticated
by the Identity Provider (IdP).
Manager supports both SP-initiated SSO and IdP-inititated SSO. For more information on
how SAML works with Address Manager, refer to Single Sign-On.
The OAuth API authorization allows users access to Address Manager's API endpoints with
three authorization grants in the OAuth 2.0 specification:
- Authorization Code Grant
- Implicit Grant
- Resource Owner Password Credentials Grant
The OAuth 2.0 specification defines an authorization protocol (a protocol that is
focused on what actors have access to—not who the actor is) and includes four actors:
the Resource Owner (the user), the Client (an application or script that needs access to
the Address Manager API), the Authorization Server (OAuth2 Server, OpenID Connect), and
the Resource Server (Address Manager API).
For more information on how OAuth works with Address Manager, refer to OAuth API authorization
for DNS Edge is not related to SSO for Address Manager. DNS Edge must be configured
separately as a service provider on your IdP.