Auth & Identity Studio

A W3C standard for globally unique, self-sovereign identifiers that are controlled by the subject rather than a central authority, enabling verifiable identity without depending on any single provider.

A compact, URL-safe token format that encodes claims as a signed JSON payload, enabling stateless authentication between parties.

A delegation framework that lets users grant third-party applications limited access to their resources without sharing credentials.

An identity layer built on top of OAuth 2.0 that adds standardized user authentication, providing a verified identity token (ID token) alongside access delegation.

A passwordless authentication standard using public-key cryptography, where the private key never leaves the user's device and authentication is verified via biometrics or device PIN.

An XML-based federation standard for exchanging authentication and authorization assertions between an identity provider and a service provider, dominant in enterprise SSO.

An authentication standard that lets users prove ownership of an Ethereum address by signing a structured message with their wallet's private key, enabling decentralized identity for web applications.

An authentication pattern that lets users log in once and access multiple applications without re-authenticating, implemented via protocols like OIDC or SAML.