1. An XML-based protocol for exchanging authentication assertions between an Identity Provider and a Service Provider; not designed for mobile applications because it relies on browser redirects
2. An authorization framework that grants third-party applications access to user resources without exposing credentials; does NOT itself perform authentication or verify who the user is
3. An identity layer built on top of an authorization framework that adds an ID token confirming the user's identity; used for SSO and federated login with mobile support
4. A directory access protocol based on the X.500 standard; uses container objects (country, org, OU) and leaf objects (users, computers) organized in a Directory Information Tree