Identity & Access Management Solutions
Unlock the complete study guide + 1,040 practice questions across 16 full exams.
Bundled into the existing Certified Cloud Security Professional premium course — no separate purchase.
Included in this chapter:
- Authentication vs authorization, and the three protocols
- Federation, identity providers, and single sign-on
- Multi-factor authentication and factor strength
- Cloud access security broker (CASB)
- Secrets management for non-human identities
- Exam-pattern recognition for IAM solutions
Federation protocols: what each one actually carries
| Protocol | Primary purpose | Token / message format | Typical use |
|---|---|---|---|
| SAML 2.0 | Authentication (SSO assertion) | XML assertion, signed | Enterprise/workforce SSO to web apps |
| OAuth 2.0 | Delegated authorization | Access token (often JWT), bearer | App acts on a user's API/resource with scoped rights |
| OpenID Connect (OIDC) | Authentication on top of OAuth 2.0 | ID token (JWT) plus OAuth access token | Modern web/mobile login, consumer and workforce |
Decision tree
Cheat sheet
Unlock with Premium — includes all practice exams and the complete study guide.