0

I was completing an infosec report and came across this.

Does the APP support end-user authentication? Federated, Certified, other?

I wanted to have some clarification on the terms.

From what I understand

  • End-user authentication means having user auth capabilities

  • Federated means that the authentication system can be cross domain?(unsure)

  • Don't know about Certified.

Where would third party auth providers like Google come in? Also what about having an inbuilt simple email password auth be called here?

Paritosh Gupta
  • 21
  • Federated is just a fancy word for grouped, but i don't know what that means in this context either – esoterik Jul 06 '18 at 17:17

1 Answers1

1

Answering the part "what is federated authentication"

I assume that the author means using authentication in a Fediverse (aka Federation-Universe) which means you create an account at one provider and can use that login at an other provider (of the same fediverse)

Example: you have registered at "SomeProvider" getting the username @PeterSmith@SomeProvider. you can login to "AnOtherProvider" using your @PeterSmith@SomeProvider account.

Certified authentication means using a certificate (similar to ssl-certificate)

Greg Burghardt
  • 37,083
k3b
  • 7,528