
Open ID Connect - OIDC

Source: https://www.slideshare.net/mraible/what-the-heck-is-oauth-and-openid-connect-dosug-2018?qid=e9ca62c0-5a2c-428b-9a83-44bc2b97e11f&v=&b=&from_search=7

OpenID Connect is built on top of OAuth 2.0.

The OAuth 2.0 access token has gaps: some parts are still missing from it. It only proves that the Client user was authorized.

OAuth 2.0 access token

{
	"access_token" : "2asfasgagsddsasdA",
	"token_type" : "Bearer",
	"expires_in" : 3600,
	"refresh_token" : "tGkjkj3r23jkKJJKkkjJ"
}

OpenID Connect extends OAuth 2.0 with a new signed id_token for the Client and a UserInfo endpoint to fetch user attributes.

It provides a standard set of scopes and claims for identities:

  • profile
  • email
  • address
  • phone

Built-in registration, discovery & metadata for dynamic federations

Bring Your Own Identity (BYOI)

Supports high assurance levels and key SAML use cases (enterprise)

OAuth 2.0 + Facebook Connect + SAML 2.0 (good parts)

OIDC access token. The important part is: “id_token” : “eyJKHkjkjsafLKHLJh81298eolkjKJkjhhg….”

{
	"access_token" : "2asfasgagsddsasdA",
	"token_type" : "Bearer",
	"expires_in" : 3600,
	"refresh_token" : "tGkjkj3r23jkKJJKkkjJ",
	"id_token" : "eyJKHkjkjsafLKHLJh81298eolkjKJkjhhg...."
}

security/oidc.txt · Last modified: 2023/11/01 07:13 by skipidar