You can consider authentication through external OAuth providers in the following scenarios:
Allow external users to access secure resource
For example, you may want your customers and partners to access https://forums.novell.com. Creating and managing external users is a hassle for you and the user.
Users will be allowed to sign in with their Facebook or Yahoo ID. Social authentication providers give Access Manager a set of logged-in user’s attributes. Therefore, you will get the users’ data without maintaining it. Access Manager can use this user data and perform the required actions based on that.
Apply policies to restrict users to access a protected resource
When you select the Identify User Locally option, the users’ social details are mapped to the local user. You can apply authorization policies based on the users’ attributes.
For example, if Joe is a Facebook user, you can match the attributes of Joe in the local user store based on a rule and apply an authorization policy to access a protected resource. You want to apply policies on an incoming user. For example, your enterprise user 'Bob' has logged into https://forums.novell.com/ with a social identity. You may want to identify that 'Bob' is your local user and provide him with forum moderator privileges. The Identify User Locally option lets you map a social user to your local user and apply appropriate policies.
Simplify user login
You may want to keep the user in your user stores and make the registration process easy for the users. Social authentication saves the user from remembering another identity. Users can login with their social identity and Auto Provision User will map the incoming user specified attribute with an existing user in the local user store. If the attribute matches, the user is provisioned, else the user will be prompted for local user authentication.
Personalized web content in business to consumer scenarios
Organizations want to provide personalized services and information to individuals. The common approach of creating individual identities for users is costly for the organization and inconvenient for the user. Social authentication allows users to login with their preferred form of identities. This simplifies the login experience for customers, increases the registration levels, and lowers IT costs.
Step up authentication
You want to prompt an additional authentication when users try to access the sensitive information. Access Manager provides options to configure multiple contracts for protected resources. When users access these resources, Access Manager prompts them to authenticate with a second factor method, such as their corporate identity or an OTP.