OpenID Connect

See also: OpenID

OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework.[1] The standard is controlled by the OpenID Foundation.

Description

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST-like manner. In technical terms, OpenID Connect specifies a RESTful HTTP API, using JSON as a data format.

OpenID Connect allows a range of clients, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, supporting optional features such as encryption of identity data, discovery of OpenID Providers, and session management.[1]

Adoption

Companies that have started to use OpenID Connect include Google, IBM, Microsoft, Amazon, Janrain,[2] OneLogin, Ping Identity, Deutsche Telekom, salesforce.com, Centrify,Okta, and the Nomura Research Institute of Japan.[3]

See also

References

  1. 1 2 "OpenID Connect". OpenID Foundation. Retrieved 2016-04-18.
  2. "Janrain Supports OpenID Connect".
  3. "The OpenID Foundation Launches the OpenID Connect Standard".

External links


This article is issued from Wikipedia - version of the Wednesday, May 04, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.