OpenID Connect

From HandWiki
Short description: Authentication layer on top of OAuth 2.0


OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework.[1] The standard is controlled by the OpenID Foundation.

Description

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST-like manner. In technical terms, OpenID Connect specifies a RESTful HTTP API, using JSON as a data format.

OpenID Connect allows a range of kinds of clients, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, supporting optional features such as encryption of identity data, discovery of OpenID Providers, and session management.[1]

Open source providers

There are several open source implementations of OpenID Connect providers, including:

See also

References

External links