The OpenID Connect protocol and its specifications
Azure AD uses the OpenID Connect protocol to power its sign-in flows. OpenID Connect is an authentication protocol built on top of OAuth 2.0. This identity layer can be used to securely sign a user in to an application. When you use the implementation provided by the Microsoft identity platform, you can also use its features to sign users in and add API access to your apps.
OAuth 2.0 provides an authorization protocol, and OpenID Connect extends it so that it can also be used as an authentication protocol. With that extension in place, you can perform single sign-on using OAuth. To enable clients to verify the identity of the user, OpenID Connect introduces a security token called the ID token. OpenID Connect specifies that ID tokens are JWTs. The ID token carries basic profile information about the user. Additionally, OpenID Connect introduces a UserInfo Endpoint, which...