OpenID Connect

Short description: Authentication layer on top of OAuth 2.0

OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework.^[1] The standard is controlled by the OpenID Foundation.

Description

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST-like manner. In technical terms, OpenID Connect specifies a RESTful HTTP API, using JSON as a data format.

OpenID Connect allows a range of kinds of clients, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, supporting optional features such as encryption of identity data, discovery of OpenID Providers, and session management.^[1]

Open source providers

There are several open source implementations of OpenID Connect providers, including:

MITREid Connect from MIT^[2]
Dex Identity Provider^[3]
Ipsilon^[4]
IdentityServer4^[5]
Keycloak^[6]
oidc-provider^[7]

References

↑ ^1.0 ^1.1 "Welcome to OpenID Connect". OpenID Foundation. https://openid.net/connect/.
↑ on GitHub
↑ on GitHub
↑ "Ipsilon - Identity Provider server and toolkit". https://ipsilon-project.org/.
↑ on GitHub
↑ "Keycloak". https://www.keycloak.org/.
↑ on GitHub

External links

OpenID Connect Playground

0.00

(0 votes)

[OIDC_welcome-1] 1.0 ^1.1 "Welcome to OpenID Connect". OpenID Foundation. https://openid.net/connect/.

[2] GitHub

[3] GitHub

[Ipsilon-4] "Ipsilon - Identity Provider server and toolkit". https://ipsilon-project.org/.

[5] GitHub

[Keycloak-6] "Keycloak". https://www.keycloak.org/.

[7] GitHub

[1]

[2]

[3]

[4]

[5]

[6]

[7]

v t e Authentication
Authentication APIs	BSD Authentication (BSD Auth) eAuthentication Generic Security Services API (GSSAPI) Java Authentication and Authorization Service (JAAS) Pluggable Authentication Modules (PAM) Simple Authentication and Security Layer (SASL) Security Support Provider Interface (SSPI) XCert Universal Database API (XUDA)
Authentication protocol	ACF2 AKA CAVE-based authentication Challenge-Handshake Authentication Protocol (CHAP) MS-CHAP Central Authentication Service (CAS) CRAM-MD5 Diameter Extensible Authentication Protocol (EAP) Host Identity Protocol (HIP) IndieAuth Kerberos LAN Manager NT LAN Manager (NTLM) OAuth OpenID OpenID Connect (OIDC) Password-authenticated key agreement protocols Password Authentication Protocol (PAP) Protected Extensible Authentication Protocol (PEAP) Remote Access Dial In User Service (RADIUS) Resource Access Control Facility (RACF) Secure Remote Password protocol (SRP) TACACS Woo–Lam
Category Commons

Anonymous

Search

OpenID Connect

Namespaces

More

Page actions

Contents

Description

Open source providers

See also

References

External links

Navigation

Navigation

Help

Translate

Wiki tools

Wiki tools

Anonymous

Search

OpenID Connect

Description

Open source providers

See also

References

External links

Navigation

Wiki tools

Page tools

Other projects

Categories