1. OpenID Connect

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows a client application to request the identity of users in a standardized, REST-like manner, delivered as an ID token. It supports various kinds of clients, including web-based, mobile, cloud and JavaScript clients. Clients can request and receive information about authenticated sessions and end users. OpenID Connect also enables clients to use features such as encryption of identity data, discovery of OpenID Providers and session management. OpenID Connect differs from the previous standard, OpenID 2.0, in that it supports mobile applications and is more user friendly. Moreover, it provides a strong and robust mechanism for signing and encrypting data …
Figure 3: Information flow in OpenID Connect

1. The end user requests a resource from the service provider, which acts as the relying party.
2. The relying party responds with a list of identity providers. (OpenID Connect is designed so that users can select their preferred identity provider, also known as an OpenID Provider, which renders the authentication challenge and gains user approval before sharing user attributes.)
3. The user selects a preferred identity provider.
4. The user's authentication request is redirected to the selected identity provider, and the user receives an authentication challenge from the identity provider.
5. The user fills in his/her credentials for authentication and authorization.
6. The OpenID Provider sends the user authentication response back to the service provider, which is referred to as the relying party.
7. The relying party can request additional profile attributes from the OpenID Provider.
8. The OpenID Provider responds with the requested user attributes.

Finally the protected resource is sent back to end