OpenID Connect

OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework.^[1] The standard is controlled by the OpenID Foundation.

Description

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST-like manner. In technical terms, OpenID Connect specifies a RESTful HTTP API, using JSON as a data format.

OpenID Connect allows a range of clients, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, supporting optional features such as encryption of identity data, discovery of OpenID Providers, and session management.^[1]

Adoption

Organizations that have started to use OpenID Connect include ForgeRock, Gigya,^[2] 10Duke,^[3] Amazon,^[4] Centrify,^[5] the Chilean government,^[6] Deutsche Telekom,^[7] Google,^[8] IBM,^[9] Janrain,^[10] Microsoft,^[11] Okta,^[12] OneLogin,^[13] Ping Identity,^[14] salesforce.com,^[15] The Nomura Research Institute of Japan,^[16] VMware,^[17], General Electric, and i-Sprint Innovations.^[18]

References

^ ^a ^b "OpenID Connect". OpenID Foundation. Retrieved 2016-04-18.
^ OpenID Connect
^ 10Duke Identity Provider, 10duke.com. Retrieved 25 July 2016.
^ OpenID Connect Support for Amazon Cognito, 2014, Jeff Barr, amazon.com. Retrieved 25 July 2016.
^ Custom OpenID Connect applications, centrify.com. Retrieved 25 July 2016.
^ OpenID Connect en ClaveÚnica, 2016, claveunica.gob.cl
^ OpenID Connect @ Deutsche Telekom, 2014, Dr. Torsten Lodderstedt, gsma.com. Retrieved 25 July 2016.
^ OpenID Connect, 2016, google.com. Retrieved 25 July 2016.
^ OpenID Connect, 2016, ibm.com. Retrieved 25 July 2016.
^ "Janrain Supports OpenID Connect".
^ OpenID Connect and OAuth 2.0 support in Azure Active Directory has GA’d!, 2014, Alex_Simons, microsoft.com. Retrieved 25 July 2016.
^ OpenID Connect, okta.com. Retrieved 25 July 2016.
^ Onelogin Supported Platforms and Standards, 2016, Leif Brown, onelogin.com. Retrieved 25 July 2016.
^ OpenID Connect, pingidentity.com. Retrieved 25 July 2016.
^ Inside OpenID Connect on Force.com, 2014, Pat Patterson, pingidentity.com. Retrieved 25 July 2016.
^ "The OpenID Foundation Launches the OpenID Connect Standard".
^ "vmware/lightwave". GitHub. Retrieved 2016-12-01.
^ "OpenID Connect(UAM)". i-sprint.com. Retrieved 2017-04-11.

External links

[//openid.net/connect-1] "OpenID Connect". OpenID Foundation. Retrieved 2016-04-18.

[2] OpenID Connect

[3] 10Duke Identity Provider, 10duke.com. Retrieved 25 July 2016.

[4] OpenID Connect Support for Amazon Cognito, 2014, Jeff Barr, amazon.com. Retrieved 25 July 2016.

[5] Custom OpenID Connect applications, centrify.com. Retrieved 25 July 2016.

[6] OpenID Connect en ClaveÚnica, 2016, claveunica.gob.cl

[7] OpenID Connect @ Deutsche Telekom, 2014, Dr. Torsten Lodderstedt, gsma.com. Retrieved 25 July 2016.

[8] OpenID Connect, 2016, google.com. Retrieved 25 July 2016.

[9] OpenID Connect, 2016, ibm.com. Retrieved 25 July 2016.

[10] "Janrain Supports OpenID Connect".

[11] OpenID Connect and OAuth 2.0 support in Azure Active Directory has GA’d!, 2014, Alex_Simons, microsoft.com. Retrieved 25 July 2016.

[12] OpenID Connect, okta.com. Retrieved 25 July 2016.

[13] Onelogin Supported Platforms and Standards, 2016, Leif Brown, onelogin.com. Retrieved 25 July 2016.

[14] OpenID Connect, pingidentity.com. Retrieved 25 July 2016.

[15] Inside OpenID Connect on Force.com, 2014, Pat Patterson, pingidentity.com. Retrieved 25 July 2016.

[16] "The OpenID Foundation Launches the OpenID Connect Standard".

[17] "vmware/lightwave". GitHub. Retrieved 2016-12-01.

[18] "OpenID Connect(UAM)". i-sprint.com. Retrieved 2017-04-11.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

v t e Authentication
Authentication APIs	BSD Authentication (BSD Auth) eAuthentication (eAuth) Generic Security Services API (GSSAPI) Java Authentication and Authorization Service (JAAS) Pluggable Authentication Modules (PAM) Simple Authentication and Security Layer (SASL) Security Support Provider Interface (SSPI) XCert Universal Database API (XUDA)
Authentication protocols	ACF2 Authentication and Key Agreement (AKA) CAVE-based authentication Challenge-Handshake Authentication Protocol (CHAP) MS-CHAP Central Authentication Service (CAS) CRAM-MD5 Diameter Extensible Authentication Protocol (EAP) Host Identity Protocol (HIP) IndieAuth Kerberos LAN Manager NT LAN Manager (NTLM) OAuth OpenID OpenID Connect (OIDC) Password-authenticated key agreement protocols Password Authentication Protocol (PAP) Protected Extensible Authentication Protocol (PEAP) Remote Access Dial In User Service (RADIUS) Resource Access Control Facility (RACF) Secure Remote Password protocol (SRP) TACACS Woo–Lam
Category Commons

Description

Adoption

See also

References

External links