OpenID Connect

  • OpenID Connect (OIDC) is a protocol built on top of the OAuth 2.0 framework.

  • It provides authentication by introducing a new ID token, which carries a set of information and claims specifically about identity.

  • With the ID token, OpenID Connect brings standards around sharing identity details among applications.

  • It introduces new scopes, and in the final exchange the client retrieves both an access token and an ID token.

  • OIDC adds the following to OAuth 2.0:

    • Standardized scopes: openid, profile, email and address.

    • An ID token that uses the JWT standard.

    • A standard /userinfo endpoint.

Why do we need it

  • Initially, OAuth was used only to perform delegated authorization.

  • But eventually, clients started using it for authentication as well, through social login.

  • But as OAuth was only an authorization framework, it had no mechanism to share user details or a user profile to identify which user the access token belongs to.

  • To solve this problem OpenID Connect was introduced.
