OpenID Connect (OIDC)

openid.net/specs/openid-connect-core-1_0.html (openid.net)

OpenID Connect (OIDC) is an identity layer built on top of the OAuth 2.0 protocol. Simply put, it's a modern way for your application to verify the identity of a user and, optionally, obtain basic profile information about them. Think of it as the digital equivalent of a passport.

The beauty of OIDC lies in its simplicity and flexibility. It allows your users to authenticate with a trusted provider (e.g., Google, Facebook, or your company's identity provider), and then use that authentication to access your app without having to create a new account or remember a separate password. This enhances user experience and security.

OIDC is not just for web apps. It works seamlessly with mobile apps, single-page apps, and even server-side apps. It's a versatile tool in your identity management arsenal.

Identity Provider
Scopes
Claims
Response Types

Tokens

Access Tokens
ID Tokens
Refresh Tokens

Verifying tokens

Introspection
JWK verification

Flow Types

Authorization Code Flow
Implicit Flow
Hybrid Flow
Device Authorization Flow
Client Credentials
Resource Owner Password

Industry Standard

OpenID Connect Protocol Suite

Minimal

OpenID Connect Core 1.0 (openid.net)

Dynamic

Complete

Protocols underpinning OpenID Connect

More learning resources about OpenID Connect

OIDC Primer (developer.okta.com)

OpenID Connect (OIDC)

OpenID Connect Related​

Tokens​

Verifying tokens​

Flow Types​

Industry Standard​

OpenID Connect Protocol Suite​

Protocols underpinning OpenID Connect​

More learning resources about OpenID Connect​

OpenID Connect Related