Difference between Claims vs OAuth

Question

What is the difference between Claims based authentication vs What is provided by OAuth.

I am looking for conceptual difference and not technical difference. When do I choose Claims over OAuth and vice versa.

Claims based authentication is proposed by Microsoft and build on top of WS-Security. But OAuth is more a open source protocol that is being proposed to allow fetching resources from different portals based on a security token.

Claims also has this concept of token (SAML encoded or X509 certificates).

I am trying to understand when do I choose Claims over OAuth and vice versa.

Thanks

Answer 1

Claims-based identity is a way of decoupling your application code from the specifics of identity protocols (such as SAML, Kerberos, WS-Security, etc). It is not only for web applications and is implemented as a .NET library / framework called WIF.

OAuth is a specific protocol by which one web site can obtain user consent to access their private data on another web site.

It is not really the case that you would choose one or the other, in fact they are complementary. Potentially you could use both at once, if you were building a .NET web app that performed OAuth via the WIF.