You work for a social media website. You wish to integrate your users’ accounts with other web resources. To do so, you need to allow authentication to be used across different domains, without exposing your users’ passwords to these other services. Which of the following would be most helpful in accomplishing this goal?

OAuth (Open Authorization) is an open standard for token-based authentication and authorization on the Internet and allows an end user’s account information to be used by third-party services, without exposing the user’s password. Kerberos is a network authentication protocol and is not used for cross-domain/service authentication. Security Assertion Markup Language (SAML) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties. OpenID is an authentication service often provided by a third party, and it can be used to sign into any website that accepts OpenID. It would be possible for this to work, but only with websites that support OpenID, so it is not as good a solution as OAuth.