Value proposition

More about OpenID Connect

OpenID Connect (OIDC) is an authentication protocol that is built on the OAuth 2.0 framework, providing a secure way for applications to verify the identity of users and access basic information about their profile.

It is widely used in modern applications that require federated authentication, such as single sign-on (SSO) systems.

How does OIDC work?

  1. Request initiation: The user attempts to log in to an application (client) that is registered with an identity provider (IdP).

  2. Redirect to IdP: The application redirects the user to the IdP, where the user enters their credentials.

  3. Authentication and authorization: The IdP verifies the credentials, obtains user consent (if necessary), and issues an ID Token along with other optional tokens (such as the Access Token).

  4. Validation and use: The client application validates the ID Token to ensure that the authentication is legitimate, and then retrieves basic profile data of the user.

Benefits of OpenID Connect

  • Enables single sign-on (SSO): Users can use a single account across multiple applications or services.

  • Widely adopted standard: Companies like Google, Microsoft, and Amazon use OIDC to authenticate users.

  • Secure and scalable: It uses modern cryptography to sign and verify tokens, ensuring the authenticity of sessions.

  • Improved user experience: No need to remember multiple passwords; popular identity providers are used.

  • Compatible with OAuth 2.0: Since it is an extension of OAuth, developers can reuse much of the existing knowledge and infrastructure.

Common uses

  • Social login: Allows users to log into applications with their Google, Microsoft, Facebook accounts, etc.

  • Enterprise applications: Organizations use OIDC to manage access in internal systems through a corporate IdP.

  • Microservices systems: Modern architectures use OIDC to authenticate users across multiple services with SSO.