- Print
- PDF
Ncloud Single Sign-On glossary
- Print
- PDF
Available in Classic and VPC
There are several terms you should be familiar with before using Ncloud Single Sign-On. The terms and their definitions are as follows.
Access Token
A string issued by the IdP that serves as a credential indicating the client's authorization to access protected resources
ACS URL
The URL where the IdP checks final permissions based on user information and posts the SAML Response
Client
One of the roles defined in OAuth 2.0, which is an application that receives an access token as a credential instead of the resource owner to access protected resources
ID Token
A token in JWT format that contains user information
Identify Provider (IdP)
A system that verifies and manages the authentication information of users requested by the SP
Ncloud Single Sign-On
A service of NAVER Cloud Platform that enables integrated management of application access permissions within an organization with a NAVER Cloud Platform account
OAuth 2.0
An open standard authorization protocol for granting permissions. Delegates permissions for an application to access a resource server on behalf of a user who owns the resource
OpenID Connect (OIDC)
A protocol that is based on OAuth 2.0 and issues an ID token containing user information from IdP when issuing a token
Refresh Token
A token issued by IdP used to extend the expiration time of an expired access token or to issue additional access tokens with the same or narrower scope
Resource Owner
One of the roles defined in OAuth 2.0, which is a user who can authorize credentials for the client to access protected resources
Resource Server
One of the roles defined in OAuth 2.0, which is a server that verifies and responds to access requests when a client accesses a resource using an access token and provides protected resources
SAML 2.0
A web-based, open standard authentication protocol. SAML 2.0 is a standard information format used when exchanging user authentication and authorization information between applications, allowing IdPs and SPs to securely exchange and authenticate user information
SAML Assertion
Security information including user information and permissions transmitted from IdP to SP for user authentication
SAML Request
Requesting delegation of authentication that the Service Provider forwards to the Identity Provider using the HTTP redirect binding
SAML Response
Authentication result that the Identity Provider sends to the Service Provider including assertion information
Service Provider (SP)
The entity that provides the service. It mainly refers to the application or service that the SSO user wants to use and requests users’ authentication information from the Identity Provider (IdP)
To see a full list of terms and definitions, go to Glossary from the NAVER Cloud Platform portal.