IG implements the following RFCs, Internet-Drafts, and standards:
- OAuth 2.0
- OpenID Connect 1.0
IG can be configured to play the role of OpenID Connect relying party. The OpenID Connect specifications depend on OAuth 2.0, JSON Web Token, Simple Web Discovery and related specifications. The following specifications make up OpenID Connect 1.0.
OpenID Connect Core 1.0 defines core OpenID Connect 1.0 features.
In section 5.6 of the specification, IG supports Normal Claims. The optional Aggregated Claims and Distributed Claims representations are not supported by IG.
OpenID Connect Discovery 1.0 defines how clients can dynamically discover information about OpenID Connect providers.
OpenID Connect Dynamic Client Registration 1.0 defines how clients can dynamically register with OpenID Connect providers.
OAuth 2.0 Multiple Response Type Encoding Practices defines additional OAuth 2.0 response types used in OpenID Connect.
- User-Managed Access (UMA) 2.0
- Representational State Transfer (REST)
Style of software architecture for web-based, distributed systems. IG's APIs are RESTful APIs.
- Security Assertion Markup Language (SAML)
Standard, XML-based framework for implementing a SAML service provider. IG supports multiple versions of SAML including 2.0, 1.1, and 1.0.
Specifications are available from the OASIS standards page.
- Other Standards
RFC 2617: HTTP Authentication: Basic and Digest Access Authentication, supported as an authentication module.
RFC 4510: Lightweight Directory Access Protocol (LDAP), for authentication modules and when accessing data stores.
RFC 5280: Internet X.509 Public Key Infrastructure Certificate, supported for certificate-based authentication.
RFC 6265: HTTP State Management Mechanism regarding HTTP Cookies and