OIDC was established as a standard by its membership in February 2014. OIDC provides a lightweight framework for identity interactions in a RESTful manner. The specification was developed under the OpenID Foundation and has its roots in OpenID; it was greatly affected by OAuth 2.0, because that specification was not intended for authentication. Microsoft was also a co-author of the OIDC specification.
OpenID Connect (OIDC)
Key facts about OIDC
It defines the following identity layers on top of OAuth 2.0:
- It uses two OAuth 2.0 flows:
- Authorization code flow
- Implicit flow
- Adds an ID token to OAuth 2.0 exchange
- Adds the ability to request claims using an OAuth 2.0 access token
The following...