OIDC

OIDC Specifications

1. OpenID Connect Basic Client Profile.

Description

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

This OpenID Connect Basic Client Implementer's Guide 1.0 contains a subset of the OpenID Connect Core 1.0 specification that is designed to be easy to read and implement for basic Web-based Relying Parties using the OAuth Authorization Code Flow. This document intentionally duplicates content from the Core specification to provide a self-contained implementer's guide for basic Web-based Relying Parties using the OAuth Authorization Code Flow.

2. OpenID Connect Implicit Client Profile.

Description

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

This OpenID Connect Implicit Client Implementer's Guide 1.0 contains a subset of the OpenID Connect Core 1.0 specification that is designed to be easy to read and implement for basic Web-based Relying Parties using the OAuth 2.0 Implicit Flow. This document intentionally duplicates content from the Core specification to provide a self-contained implementer's guide for basic Web-based Relying Parties using the OAuth Implicit Flow.

3. OpenID Connect Hybrid Profile.

Description

This section describes how to perform authentication using the Hybrid Flow. When using the Hybrid Flow, some tokens are returned from the Authorization Endpoint and others are returned from the Token Endpoint. The mechanisms for returning tokens in the Hybrid Flow are specified in OAuth 2.0 Multiple Response Type Encoding Practices [OAuth.Responses].

Public References:

Section 3.3 - Authentication using the Hybrid Flow

Section 15.1 - Mandatory to Implement Features for All OpenID Providers

4. OpenID Provider Metadata.

Description

OpenID Providers have metadata describing their configuration.

Public References:

Section 3 - OpenID Provider Metadata

Section 4 - Obtaining OpenID Provider Configuration Information

5. Dynamic OpenID Provider.

Description

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

This specification defines how an OpenID Connect Relying Party can dynamically register with the End-User's OpenID Provider, providing information about itself to the OpenID Provider, and obtaining information needed to use it, including the OAuth 2.0 Client ID for this Relying Party.

Public References:

Section 15.2 - Mandatory to Implement Features for Dynamic OpenID Providers

Section 4 - Obtaining OpenID Provider Configuration Information


6. OpenID Connect Discovery.

Description

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

This specification defines a mechanism for an OpenID Connect Relying Party to discover the End-User's OpenID Provider and obtain information needed to interact with it, including its OAuth 2.0 endpoint locations.


7. OpenID Connect Session Management.

Description

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

This document describes how to manage sessions for OpenID Connect, including when to log out the End-User.
