OpenID Connect
OpenID Connect (OIDC) is an authentication layer on top of OAuth 2.0, an authorization framework.[1] The standard is controlled by the OpenID Foundation.
Description
OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol, which allows computing clients to verify the identity of an end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user in an interoperable and REST-like manner. In technical terms, OpenID Connect specifies a RESTful HTTP API, using JSON as a data format.
OpenID Connect allows a range of kinds of clients, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, supporting optional features such as encryption of identity data, discovery of OpenID Providers, and session management.[1]
Open source providers
There are several open source implementations of OpenID Connect providers, including:
- MITREid Connect from MIT[2]
- Dex Identity Provider[3]
- Ipsilon[4]
- IdentityServer4[5]
- Keycloak[6]
- oidc-provider[7]
See also
- List of OAuth providers that support OIDC
- Authorization, not to be confused with authentication
- IndieAuth
- OAuth
- OpenID
- SAML 2.0
- WebFinger
- WebID
References
- ^ a b "Welcome to OpenID Connect". OpenID Foundation. Retrieved 2019-12-13.
- ^ An OpenID Connect reference implementation in Java on the Spring platform. on GitHub
- ^ OpenID Connect Identity (OIDC) and OAuth 2.0 Provider with Pluggable Connectors on GitHub
- ^ "Ipsilon - Identity Provider server and toolkit".
- ^ OpenID Connect and OAuth 2.0 Framework for ASP.NET Core on GitHub
- ^ "Keycloak - Open Source Identity and Access Management For Modern Applications and Services".
- ^ OpenID Certified™ OAuth 2.0 Authorization Server implementation for Node.js on GitHub
External links
| Authentication APIs |
|
|---|---|
| Authentication protocols |
|
