OpenID Connect: An Overview

Download as PPTX, PDF

5 likes13,336 views

OpenID Connect is a simple identity layer that allows clients like mobile or web apps to verify user identities based on an authentication performed by an authorization server, as well as obtain basic profile information about users. It is built on OAuth 2.0 and defined by the OpenID Foundation. The specification defines core features as well as optional discovery, dynamic registration, session management, and OAuth 2.0 response types. Major companies like Google, Salesforce, and Microsoft have implemented or are deploying OpenID Connect to provide single sign-on for web and mobile clients.

Technology News & Politics

More Related Content

What's hot (20)

PDF

OAuthIván Fernández Perea

PDF

OAuth 2.0Uwe Friedrichsen

PDF

Implementing OAuthleahculver

PDF

SAML VS OAuth 2.0 VS OpenID ConnectUbisecure

PPTX

An Introduction to OAuth2Aaron Parecki

PDF

API Security Best Practices & GuidelinesPrabath Siriwardena

PPTX

An Introduction to OAuth 2Aaron Parecki

PDF

Keycloak SSO basicsJuan Vicente Herrera Ruiz de Alejo

PPTX

OAuth2 + API SecurityAmila Paranawithana

PPTX

OpenID for Verifiable CredentialsTorsten Lodderstedt

PDF

Stateless Auth using OAUTH2 & JWTMobiliya

PDF

Introduction to SAML 2.0Mika Koivisto

PDF

Demystifying OAuth 2.0Karl McGuinness

PDF

Web Authentication APIFIDO Alliance

PPTX

Keycloak for Science Gateways - SGCI Technology Sampler Webinarmarcuschristie

PPTX

API Security : Patterns and PracticesPrabath Siriwardena

PPTX

Gateway/APIC securityShiu-Fun Poon

PDF

OAuth 2.0 with IBM WebSphere DataPowerShiu-Fun Poon

PDF

OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt

PPTX

Rest API SecurityStormpath

OAuthIván Fernández Perea

OAuth 2.0Uwe Friedrichsen

Implementing OAuthleahculver

SAML VS OAuth 2.0 VS OpenID ConnectUbisecure

An Introduction to OAuth2Aaron Parecki

API Security Best Practices & GuidelinesPrabath Siriwardena

An Introduction to OAuth 2Aaron Parecki

Keycloak SSO basicsJuan Vicente Herrera Ruiz de Alejo

OAuth2 + API SecurityAmila Paranawithana

OpenID for Verifiable CredentialsTorsten Lodderstedt

Stateless Auth using OAUTH2 & JWTMobiliya

Introduction to SAML 2.0Mika Koivisto

Demystifying OAuth 2.0Karl McGuinness

Web Authentication APIFIDO Alliance

Keycloak for Science Gateways - SGCI Technology Sampler Webinarmarcuschristie

API Security : Patterns and PracticesPrabath Siriwardena

Gateway/APIC securityShiu-Fun Poon

OAuth 2.0 with IBM WebSphere DataPowerShiu-Fun Poon

OpenID for Verifiable Credentials (IIW 35)Torsten Lodderstedt

Rest API SecurityStormpath

Similar to OpenID Connect: An Overview (20)

PDF

OpenID Connect "101" Introduction -- October 23, 2018OpenIDFoundation

PDF

OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group UpdateMikeLeszcz

PPTX

OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...OpenIDFoundation

PPTX

Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...MysoreMuleSoftMeetup

PPTX

CIS 2013 Ping Identity ChalktalkCraig Wu

PDF

OpenID Foundation Connect Working Group Update - October 22, 2018OpenIDFoundation

PDF

OpenID for SSITorsten Lodderstedt

PDF

ざっくり解説 LINE ログインNaohiro Fujie

PDF

CIS 2015 OpenID Connect Workshop Part 1: Challenges for mobile - B. Allyn FayCloudIDSummit

PDF

Five Things You Gotta Know About Modern IdentityMark Diodati

PDF

AllTheTalks.Online 2020: "Basics of OAuth 2.0 and OpenID Connect"Andreas Falk

PDF

SSO with the WSO2 Identity ServerWSO2

PDF

Sso with the wso2 identity serversureshattanayake

PDF

Implementing Microservices Security Patterns & Protocols with SpringVMware Tanzu

PDF

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt

PPTX

Microservice with OAuth2◄ vaquar khan ► ★✔

PDF

Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectVinay Manglani

PDF

OpenID Foundation/Open Banking Workshop - OpenID Foundation OverviewMikeLeszcz

PDF

WSO2 Identity Server - Product OverviewWSO2

PPTX

Authorization and Authentication using IdentityServer4Aaron Ralls

OpenID Connect "101" Introduction -- October 23, 2018OpenIDFoundation

OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group UpdateMikeLeszcz

OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...OpenIDFoundation

Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...MysoreMuleSoftMeetup

CIS 2013 Ping Identity ChalktalkCraig Wu

OpenID Foundation Connect Working Group Update - October 22, 2018OpenIDFoundation

OpenID for SSITorsten Lodderstedt

ざっくり解説 LINE ログインNaohiro Fujie

CIS 2015 OpenID Connect Workshop Part 1: Challenges for mobile - B. Allyn FayCloudIDSummit

Five Things You Gotta Know About Modern IdentityMark Diodati

AllTheTalks.Online 2020: "Basics of OAuth 2.0 and OpenID Connect"Andreas Falk

SSO with the WSO2 Identity ServerWSO2

Sso with the wso2 identity serversureshattanayake

Implementing Microservices Security Patterns & Protocols with SpringVMware Tanzu

How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...Torsten Lodderstedt

Microservice with OAuth2◄ vaquar khan ► ★✔

Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectVinay Manglani

OpenID Foundation/Open Banking Workshop - OpenID Foundation OverviewMikeLeszcz

WSO2 Identity Server - Product OverviewWSO2

Authorization and Authentication using IdentityServer4Aaron Ralls

More from Pat Patterson (20)

PPTX

DevOps from the Provider PerspectivePat Patterson

PPTX

How Imprivata Combines External Data Sources for Business InsightsPat Patterson

PPTX

Data Integration with Apache Kafka: What, Why, HowPat Patterson

PPTX

Project Ouroboros: Using StreamSets Data Collector to Help Manage the StreamS...Pat Patterson

PPTX

Dealing with Drift: Building an Enterprise Data LakePat Patterson

PPTX

Integrating with Einstein AnalyticsPat Patterson

PPTX

Efficient Schemas in Motion with Kafka and Schema RegistryPat Patterson

PPTX

Dealing With Drift - Building an Enterprise Data LakePat Patterson

PPTX

Building Data Pipelines with Spark and StreamSetsPat Patterson

PPTX

Adaptive Data Cleansing with StreamSets and CassandraPat Patterson

PDF

Building Custom Big Data IntegrationsPat Patterson

PPTX

Ingest and Stream Processing - What will you choose?Pat Patterson

PPTX

Open Source Big Data Ingestion - Without the Heartburn!Pat Patterson

PPTX

Ingest and Stream Processing - What will you choose?Pat Patterson

PPTX

All Aboard the Boxcar! Going Beyond the Basics of RESTPat Patterson

PPTX

Provisioning IDaaS - Using SCIM to Enable Cloud IdentityPat Patterson

PPTX

OData: Universal Data Solvent or Clunky Enterprise Goo? (GlueCon 2015)Pat Patterson

PPTX

Enterprise IoT: Data in ContextPat Patterson

PPTX

OData: A Standard API for Data AccessPat Patterson

PPTX

API-Driven Relationships: Building The Trans-Internet Express of the FuturePat Patterson

DevOps from the Provider PerspectivePat Patterson

How Imprivata Combines External Data Sources for Business InsightsPat Patterson

Data Integration with Apache Kafka: What, Why, HowPat Patterson

Project Ouroboros: Using StreamSets Data Collector to Help Manage the StreamS...Pat Patterson

Dealing with Drift: Building an Enterprise Data LakePat Patterson

Integrating with Einstein AnalyticsPat Patterson

Efficient Schemas in Motion with Kafka and Schema RegistryPat Patterson

Dealing With Drift - Building an Enterprise Data LakePat Patterson

Building Data Pipelines with Spark and StreamSetsPat Patterson

Adaptive Data Cleansing with StreamSets and CassandraPat Patterson

Building Custom Big Data IntegrationsPat Patterson

Ingest and Stream Processing - What will you choose?Pat Patterson

Open Source Big Data Ingestion - Without the Heartburn!Pat Patterson

Ingest and Stream Processing - What will you choose?Pat Patterson

All Aboard the Boxcar! Going Beyond the Basics of RESTPat Patterson

Provisioning IDaaS - Using SCIM to Enable Cloud IdentityPat Patterson

OData: Universal Data Solvent or Clunky Enterprise Goo? (GlueCon 2015)Pat Patterson

Enterprise IoT: Data in ContextPat Patterson

OData: A Standard API for Data AccessPat Patterson

API-Driven Relationships: Building The Trans-Internet Express of the FuturePat Patterson

Recently uploaded (20)

PDF

Peak of Data & AI Encore AI-Enhanced Workflows for the Real WorldSafe Software

PDF

Book industry state of the nation 2025 - Tech Forum 2025BookNet Canada

PDF

Automating Feature Enrichment and Station Creation in Natural Gas Utility Net...Safe Software

PDF

UPDF - AI PDF Editor & Converter Key FeaturesDealFuel

PDF

The 2025 InfraRed Report - Redpoint VenturesRazin Mustafiz

PDF

NLJUG Speaker academy 2025 - first sessionBert Jan Schrijver

PDF

NASA A Researcher’s Guide to International Space Station : Physical Sciences ...Dr. PANKAJ DHUSSA

PDF

CIFDAQ Market Wrap for the week of 4th July 2025CIFDAQ

PDF

POV_ Why Enterprises Need to Find Value in ZERO.pdfdarshakparmar

DOCX

Python coding for beginners !! Start now!#Rajni Bhardwaj Grover

PDF

“NPU IP Hardware Shaped Through Software and Use-case Analysis,” a Presentati...Edge AI and Vision Alliance

PDF

UiPath DevConnect 2025: Agentic Automation Community User Group MeetingDianaGray10

PDF

“Voice Interfaces on a Budget: Building Real-time Speech Recognition on Low-c...Edge AI and Vision Alliance

PPTX

Designing_the_Future_AI_Driven_Product_Experiences_Across_Devices.pptxpresentifyai

PDF

Reverse Engineering of Security Products: Developing an Advanced Microsoft De...nwbxhhcyjv

PDF

What’s my job again? Slides from Mark Simos talk at 2025 Tampa BSidesMark Simos

PPTX

Mastering ODC + Okta Configuration - Chennai OSUGHathiMaryA

PDF

Transforming Utility Networks: Large-scale Data Migrations with FMESafe Software

PPT

Ericsson LTE presentation SEMINAR 2010.pptnpat3

PDF

Agentic AI lifecycle for Enterprise Hyper-AutomationDebmalya Biswas

Peak of Data & AI Encore AI-Enhanced Workflows for the Real WorldSafe Software

Book industry state of the nation 2025 - Tech Forum 2025BookNet Canada

Automating Feature Enrichment and Station Creation in Natural Gas Utility Net...Safe Software

UPDF - AI PDF Editor & Converter Key FeaturesDealFuel

The 2025 InfraRed Report - Redpoint VenturesRazin Mustafiz

NLJUG Speaker academy 2025 - first sessionBert Jan Schrijver

NASA A Researcher’s Guide to International Space Station : Physical Sciences ...Dr. PANKAJ DHUSSA

CIFDAQ Market Wrap for the week of 4th July 2025CIFDAQ

POV_ Why Enterprises Need to Find Value in ZERO.pdfdarshakparmar

Python coding for beginners !! Start now!#Rajni Bhardwaj Grover

“NPU IP Hardware Shaped Through Software and Use-case Analysis,” a Presentati...Edge AI and Vision Alliance

UiPath DevConnect 2025: Agentic Automation Community User Group MeetingDianaGray10

“Voice Interfaces on a Budget: Building Real-time Speech Recognition on Low-c...Edge AI and Vision Alliance

Designing_the_Future_AI_Driven_Product_Experiences_Across_Devices.pptxpresentifyai

Reverse Engineering of Security Products: Developing an Advanced Microsoft De...nwbxhhcyjv

What’s my job again? Slides from Mark Simos talk at 2025 Tampa BSidesMark Simos

Mastering ODC + Okta Configuration - Chennai OSUGHathiMaryA

Transforming Utility Networks: Large-scale Data Migrations with FMESafe Software

Ericsson LTE presentation SEMINAR 2010.pptnpat3

Agentic AI lifecycle for Enterprise Hyper-AutomationDebmalya Biswas

OpenID Connect: An Overview

1. OpenID Connect: An Overview Pat Patterson Developer Evangelist Architect salesforce.com @metadaddy

2. What is OpenID Connect? Simple Identity Layer for the Internet [OpenID Connect] allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

3. What is OpenID Connect? • Specification defined by OpenID Foundation ‘Connect’ Work Group – NRI, Ping Identity, Microsoft, Google, Salesforce etc • Built on OAuth 2.0 • REST-based • Successor to SAML?

4. OpenID Connect Status • ‘Nearly complete’ – Second set of OpenID Connect Implementer’s Drafts approved in July, 2013 – Interop testing under way – Waiting for dependencies to be standardized • JWT, JWS etc

5. OpenID Connect Specification • OpenID Connect 1.0 Specification – Core – Discovery (optional) – Dynamic Registration (optional) – Session Management (optional) – OAuth 2.0 Multiple Response Types • Implementer’s Guides – Basic Client Profile – Implicit Client Profile

6. OpenID Connect Roles Web-based, mobile, or JavaScript Clients verify the identity of End-Users based on authentication performed by an Authorization Server.

7. OpenID Connect Basic Client Profile

8. OpenID Connect Implicit Client Profile

9. OpenID Connect Token Response { "access_token":"SlAV32hkKG", "token_type":"Bearer", "expires_in":3600, "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA", "id_token":"eyJ0 ... NiJ9.eyJ1c ... ZXso” } • id_token is a JSON Web Token (JWT) – Signed, URL/filename-safe base64 encoded JSON data

10. OpenID Connect ID Token { "iss": "https://server.example.com", "sub": "24400320", "aud": "s6BhdRkqt3", "exp": 1311281970, "iat": 1311280970 } • Issuer, Subject, Audience, Expiry, Issued At • Also optional email, auth_time, nonce etc

11. Who is Deploying OpenID Connect? • Services: Google, Salesforce, eBay, AOL, Deutsche Telekom, Orange • Vendors: IBM, Microsoft, Ping Identity, Layer 7, ForgeRock, Gluu, MITRE, NRI

12. OpenID Connect in Action • Client: Salesforce Community • Auth Server: Google • End User: Me!

13. Salesforce Community Login Page

14. Google Login Page

15. Google Authorization Page

16. Salesforce Community Home Page

17. Questions? Pat Patterson Developer Evangelist Architect salesforce.com @metadaddy