Consumer Auth Definitions Appendix | Yext Hitchhikers Platform
This appendix highlights key terms and their definitions — including both general security terminology as well as Yext-specific terminology.
General Security Terminology
Term | Definition |
---|---|
Authentication | Authentication is the process of identifying WHO the user is in a trustworthy way. Generally this happens when a user logs in to some system. |
Authorization | Authorization is the system that determines which user has access to which resources. This could be a site or a search experience or could be individual entities. |
Identity and Access Management (IAM) | Identity and access management (IAM) in enterprise IT is about defining and managing the roles and access privileges of individual network entities (users and devices) to a variety of cloud and on-premises applications. Learn More . |
Single Sign On (SSO) | Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. SAML and OIDC are the two most popular types of SSO. Learn More . |
SAML | SAML is a standard that covers federation, identity management and single sign on. SAML is an overall framework. Learn More . |
Identify Provider (IdP) | IdP is the system that manages who the users are and handles authentication in a SAML system. With OAuth this is often called Authorization Server. Learn More . |
Service Provider (SP) | SP is the system that the user is gaining access to. In a simple username / password system the IdP and the SP are the system but once you start using SSO or SAML these are different. With OAuth this is often called a Resource Server. Learn More . |
JSON Web Token (JWT) | JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties. Learn More . |
OAuth | OAuth is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and DigitalOcean. Learn More . |
Active Directory Federation Services (ADFS) | Active Directory is an SSO solution built by Microsoft that works similarly to SAML but uses a different protocol. Learn more . |
Open ID Connect (OIDC) | OIDC is a thin layer on top of OAuth that layers on authentication on top of OAuth in a standardized way. |
JIT Provisioning | Just In Time Provisioning is part of the SAML protocol that allows an account to be created or updated when a user logins in. Hupman says you can think of it as a User + ACL upsert during every SAML handshake. Learn More . |
Access Control List (ACL) | Access Control List is a list of permissions for a certain resource. With Yext this usually means which individuals (or roles) can view / edit which entities. |
Yext-Specific Terminology
Term | Definition |
---|---|
Yext Auth | This refers to the IDP login system that Yext now offers. You can manage all your users in the Yext platform and have them log in with Yext. This extends the current permissioning system into external facing search experiences, so you can add permissions to view entities in Search outside of the platform. |
External Authorization | This refers to a new “field” in Content that stores authorizations for an individual entity. Unlike the current roles and copes system, these authorizations are not tied to Yext but instead tied to an external authorization system. |
External Identity | An external identity is a string that corresponds to a user, role or group from an external authorization system. |
External Source | An external source is the source system associated with a specific set of external authorizations and external identifiers. This exists so that if two external sources have overlapping IDs (such as having identities in Google Drive AND Salesforce), these are treated separately in our system. |
Visitor | Visitor is a new concept inside of Analytics. A Visitor could either be a normal Yext User or an anonymous visitor with a specific visitor ID. |
Authorization Scheme | Choose which scheme in Yext Search that allows you to make a vertical respect entity permissions. Can be Yext or External. |
Public Experience | While not a core term in the platform, this will refer to a consumer experience that is public to the world. |
Private Experience | While not a core term in the platform, this will refer to a consumer experience that is private / gated to the world. The experience looks the same to everyone who has access. |
Authorized Experience | While not a core term in the platform, this refers to an experience where who you are changes the experience itself. |
<% elem.innerText %>