OpenID Connect

From Wikipedia, the free encyclopedia
Jump to: navigation, search
See also: OpenID

OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework.[1] The standard is controlled by the OpenID Foundation.


OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST-like manner. In technical terms, OpenID Connect specifies a RESTful HTTP API, using JSON as a data format.

OpenID Connect allows a range of clients, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, supporting optional features such as encryption of identity data, discovery of OpenID Providers, and session management.[2]


Companies that have started to use OpenID Connect include Google, Microsoft, Deutsche Telekom,, and the Nomura Research Institute.[3]

See also[edit]


  1. ^ "OpenID Connect". 
  2. ^ "Welcome to OpenID Connect". Retrieved 2013-05-28. 
  3. ^ "The OpenID Foundation Launches the OpenID Connect Standard". 

External links[edit]