OpenID Connect

OIDC

IAM Protocol Authentication Standard

❓ What is OpenID Connect?

OIDC is an identity layer built on top of OAuth 2.0 that allows applications to verify user identity and obtain basic profile information through a standardized, interoperable protocol.

⚙️ How Does It Work?

After OAuth 2.0 authorization, OIDC adds an ID Token (JWT) containing claims about the authenticated user. Applications use this to establish a user session.

📍 Where Is It Used?

Consumer login (Sign in with Google or Apple), enterprise SSO for modern apps, mobile applications, and single-page application (SPA) authentication.

💡 Real-World Example

A SaaS application integrates Sign in with Okta using OIDC. When an employee clicks the button, they authenticate with Okta, and Okta returns an ID token with the user's identity. The app creates a session without storing any passwords.
