OpenID Connect (OIDC) is an open authentication protocol that sits on top of OAuth 2.0, transforming it into a powerful framework not only for authorization but also for user authentication. OIDC enables applications to verify a user’s identity based on the authentication performed by an Identity Provider (IdP) and to obtain basic profile information in a secure and standardized way.
While OAuth 2.0 alone provides delegated access to resources, it does not specify how to authenticate users. OIDC fills this gap by introducing the ID Token, a cryptographically signed token (often in the form of a JSON Web Token, or JWT) that contains claims about the authenticated user and the authentication event—such as the user's name, email, unique identifier, and authentication time.
A typical OIDC flow includes:
OIDC supports features such as:
OIDC is widely supported by major IdPs including Google, Microsoft Entra ID (formerly Azure AD), Okta, and Auth0, making it a go-to protocol for cloud-based and mobile authentication scenarios.
By building on the flexibility of OAuth 2.0 and standardizing identity verification, OpenID Connect enables secure, user-friendly authentication flows and seamless integration across modern web, mobile, and API-driven ecosystems.