OIDC vs SAML: Key Differences and Which to Use

What's this blog post about?

OIDC (OpenID Connect) and SAML (Security Assertion Markup Language) are two popular authentication protocols used for Single Sign-On (SSO). While they both handle the authentication process, they use different authentication flows and data formats. OIDC is built on top of OAuth 2.0 and allows users to log in to multiple apps using their existing identity from an OpenID provider like Google or Microsoft. It's commonly used in modern web and mobile apps. SAML is an XML-based SSO protocol that standardizes how an Identity Provider (IdP) and a Service Provider (SP) exchange authentication and authorization data. It's used in legacy enterprise environments to enable web SSO. In most cases, it's worth supporting both OIDC (for enterprise SSO and social logins) and SAML (for legacy enterprise SSO) to cater to a broader customer base.

Company
WorkOS

Date published
Dec. 14, 2023

Author(s)

Word count
1781

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.