<% user.full_name %>
<% util.level ? util.level.title : '' %>
Explorer Pioneer Apollo Viking Voyager Pathfinder Orion
Points
<% user.points ? user.points.toLocaleString() : 0 %>
Badges
<% util.badgeCount %>
Streaks
Congratulations You've <% util.newestBadge.isCurriculum ? 'completed' : 'earned' %> the
<% util.newestBadge.title %> <% util.newestBadge.isCurriculum ? 'curriculum' : 'badge' %>!
previous
next
Share to Social Media
Linked In Facebook
Status
<% util.level ? util.level.title : '' %>
<% util.level ? util.level.points : '' %>
<% util.nextLevel ? util.nextLevel.title : '' %>
<% util.nextLevel ? util.nextLevel.points : '' %>
Level up! <% util.levelPointsRemaining %> points to go
Level up! <% util.levelPointsRemaining %> points to go
Badges
Completed Hitchhikers Track Completed Content Track Completed Pages Track Completed Page Builder Track Completed Search Backend Track Completed Search Frontend Theme Track Completed Search UI React Track Completed Solution Templates and the Admin Console Track Completed Technical Skills Track Completed Platform Basics Track Completed Listings Track Completed Reviews Track Completed Industry Overview Track Completed Analytics Track Completed Industry Overview & Product Basics Track Completed Multi-Language Experiences Track Completed Chat Track
<% util.expandBadges ? 'Less' : 'More' %>
Playground Accounts
New +
No Playground Accounts
Create Playground +
View Profile
Log Out loading
Mission Complete! 🚀
Congratulations, you’ve completed your first module!

We hope you enjoy exploring the rest of the site. Please don’t forget to leave us feedback - we are constantly looking to improve. Happy Hitchhiking!
Home
Welcome to Hitchhikers! 👋
To learn more about the platform we encourage you to get started by completing the Hitchhikers Program Track and earning your first badge!
Start Here
Close notification
Guide
Consumer Auth Overview
Arrow Back
Completed
Introduction
Introduction
completed
Completed 1
Step 1
Secure Sites
completed
Completed 2
Step 2
Authorized Search
completed
Completed 3
Step 3
Visitor Level Analytics
completed
Completed 4
Step 4
Authenticated Image and File Hosting
completed
Next Steps
Next Steps
completed
Reference
Consumer Auth Definitions Appendix
completed
Reference
External Authorization FAQs
completed
home

Consumer Auth Definitions Appendix | Yext Hitchhikers Platform

This appendix highlights key terms and their definitions — including both general security terminology as well as Yext-specific terminology.

General Security Terminology

Term Definition
Authentication Authentication is the process of identifying WHO the user is in a trustworthy way. Generally this happens when a user logs in to some system.
Authorization Authorization is the system that determines which user has access to which resources. This could be a site or a search experience or could be individual entities.
Identity and Access Management (IAM) Identity and access management (IAM) in enterprise IT is about defining and managing the roles and access privileges of individual network entities (users and devices) to a variety of cloud and on-premises applications. Learn More .
Single Sign On (SSO) Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials. SAML and OIDC are the two most popular types of SSO. Learn More .
SAML SAML is a standard that covers federation, identity management and single sign on. SAML is an overall framework. Learn More .
Identify Provider (IdP) IdP is the system that manages who the users are and handles authentication in a SAML system. With OAuth this is often called Authorization Server. Learn More .
Service Provider (SP) SP is the system that the user is gaining access to. In a simple username / password system the IdP and the SP are the system but once you start using SSO or SAML these are different. With OAuth this is often called a Resource Server. Learn More .
JSON Web Token (JWT) JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties. Learn More .
OAuth OAuth is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and DigitalOcean. Learn More .
Active Directory Federation Services (ADFS) Active Directory is an SSO solution built by Microsoft that works similarly to SAML but uses a different protocol. Learn more .
Open ID Connect (OIDC) OIDC is a thin layer on top of OAuth that layers on authentication on top of OAuth in a standardized way.
JIT Provisioning Just In Time Provisioning is part of the SAML protocol that allows an account to be created or updated when a user logins in. Hupman says you can think of it as a User + ACL upsert during every SAML handshake. Learn More .
Access Control List (ACL) Access Control List is a list of permissions for a certain resource. With Yext this usually means which individuals (or roles) can view / edit which entities.

Yext-Specific Terminology

Term Definition
Yext Auth This refers to the IDP login system that Yext now offers. You can manage all your users in the Yext platform and have them log in with Yext. This extends the current permissioning system into external facing search experiences, so you can add permissions to view entities in Search outside of the platform.
External Authorization This refers to a new “field” in Content that stores authorizations for an individual entity. Unlike the current roles and copes system, these authorizations are not tied to Yext but instead tied to an external authorization system.
External Identity An external identity is a string that corresponds to a user, role or group from an external authorization system.
External Source An external source is the source system associated with a specific set of external authorizations and external identifiers. This exists so that if two external sources have overlapping IDs (such as having identities in Google Drive AND Salesforce), these are treated separately in our system.
Visitor Visitor is a new concept inside of Analytics. A Visitor could either be a normal Yext User or an anonymous visitor with a specific visitor ID.
Authorization Scheme Choose which scheme in Yext Search that allows you to make a vertical respect entity permissions. Can be Yext or External.
Public Experience While not a core term in the platform, this will refer to a consumer experience that is public to the world.
Private Experience While not a core term in the platform, this will refer to a consumer experience that is private / gated to the world. The experience looks the same to everyone who has access.
Authorized Experience While not a core term in the platform, this refers to an experience where who you are changes the experience itself.
Feedback
<% elem.innerText %>