You views on Bitcard SSO?

Peter Edwards peter at
Fri Feb 19 02:38:12 PST 2016

We looked about a year ago at how to do federated identity between a few
systems. One was C# with a custom (don't ask) version of SAML, one was
Drupal PHP and the underlying authentication provider was MS Active
SAML and OAuth2 solve different kinds of problem and present different
types of difficulty. There are plenty of good decks on that
go into this.
Because we were doing a client side Single Page Application which needed
the authentication then routing of service API calls from REST to a SOAP
XML backend, it turned out easiest for us to use OAuth2 and do mapping in
an integration platform on MS Azure to SAML 2.0 make the different systems
work together.
As Tom says, there is no single simple answer. It depends what you're
trying to do, what components you've already got and who your audience is
(internal, external) and what application they are using, e.g. is it a
chromebook, mobile app, corporate desktop.
Cheers, Peter

On Fri, 19 Feb 2016 at 10:26 Tom Hukins <tom at> wrote:

> On Fri, Feb 19, 2016 at 09:43:17AM +0000, Peter Edwards wrote:
> > I'd suggest using OAuth2 and either running your own provider or
> > hanging it off Google/MS Live/github depending who your audience is.
> Everyone I know who has tried to support OAuth2 has found the experience
> painful.
> This brief talk shows why people find it confusing:
> I don't have a good answer to Andy's question unfortunately.  I doubt
> anyone outside the Perl community uses Bitcard, so it doesn't provide
> SSO for most people.  If you need SSO, you probably want OAuth, but if
> you don't, avoid the hassle.
> Tom
> _______________________________________________
> MiltonKeynes-pm mailing list
> MiltonKeynes-pm at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the MiltonKeynes-pm mailing list