In a world increasingly connected by APIs, the role of identity has never been more important. There are different ways that API providers can grant access to data for applications on behalf of users, and one way that has become almost ubiquitous is OAuth 2.0.
Safely allowing an application to access your data via APIs without giving up your credentials is part of what OAuth 2.0 is all about. Why is OpenID Connect needed as well? If you are curious to know this, then this document is for you.
The core OpenID Connect specification is described as “a simple identity layer on top of the OAuth 2.0 protocol”.
OpenID Connect is a protocol layer on top of OAuth 2.0 that adds the capability to perform user authentication (sign-in).
Note that OAuth 2.0 only provides authorization; OpenID Connect is required to prove the identity of the requesting party.
https://youtu.be/LyqeHAkxVyk
https://images.app.goo.gl/H3rzYPsfUJd6m8Wv9
https://www.youtube.com/watch?v=1M6gqoGiO2s
https://nordicapis.com/what-is-openid-connect/
https://auth0.com/docs/protocols/configure-okta-as-oauth2-identity-provider
https://images.app.goo.gl/tCSHya4HmL71a93J8
https://images.app.goo.gl/siYwTWZDkAXw5gKb8