
OpenID Connect: The Key to Seamless User Authentication

Asish M Madhu
4 min read · Mar 31, 2023

“Authentication is the key that unlocks the door to a secure digital world.” — Unknown


This is a continuation of my previous article, OAuth 2.0. I mentioned there that the OAuth protocol is used for authorization. There are some reasons why it should not be used for authentication.

  1. Lack of standardisation. There is no standard way to get user information.
  2. Scope definition can vary across different authorization servers. It can be difficult to get user information across various providers.

In the early days, OAuth became so popular that people started using it to get user details and perform authentication. This misuse led to a lack of standardisation and to confusion. In order to resolve this, OpenID Connect was introduced as a small layer on top of OAuth. This layer is responsible for the authentication part, while OAuth takes care of the authorisation part, which is what it is supposed to do, as shown in the diagram below.

What OpenID adds on top of OAuth 2.0

  1. ID Token
  2. An endpoint for getting user information
  3. Standard set of scopes
  4. Standardized implementation

So with OpenID Connect on top of OAuth, the client will need an ID token along with an Access…
