
OpenID Connect

OpenID Connect (OIDC) is an authentication protocol built on top of OAuth 2.0. It allows clients (like web or mobile apps) to verify the identity of a user who logs in via an external identity provider (IdP) — such as Google, Microsoft, Apple, etc.


🔐 In Short:

OAuth 2.0 → handles authorization (access to resources)
OpenID Connect → handles authentication (who is the user?)


🧱 How Does OpenID Connect Work?

  1. User clicks "Login with Google"

  2. Your app redirects the user to Google’s login page

  3. After successful login, Google redirects back with an ID token

  4. Your app validates this ID token (a signed JWT)

  5. You now know who the user is — verified by Google


🔑 What’s Inside the ID Token?

The ID token is a JSON Web Token (JWT) containing user identity data, like:

{
  "iss": "https://accounts.google.com",
  "sub": "1234567890",
  "name": "John Doe",
  "email": "john@example.com",
  "iat": 1650000000,
  "exp": 1650003600
}
  • iss = issuer (e.g. Google)

  • sub = user ID

  • email, name = user info

  • iat, exp = issued at / expiration


🧩 Typical Use Cases

  • “Login with Google/Microsoft/Apple”

  • Single Sign-On (SSO) in organizations

  • Centralized user identity (Keycloak, Auth0, Azure AD)

  • OAuth APIs that require identity verification


🛠️ Core Components

Component            Description
Relying Party        Your app (requests login)
Identity Provider    External login provider (e.g. Google)
ID Token             JWT containing the user's identity
UserInfo Endpoint    (Optional) endpoint for additional user data
