Bespoke Web App Development: OIDC

OIDC stands for OpenID Connect, an authentication protocol that extends the OAuth 2.0 protocol. It allows clients, such as web or mobile applications, to verify the identity of end-users based on the authentication performed by an authorization server.

With OIDC, the client application first obtains an authorization code from the authorization server, and then exchanges this code for an ID token and an access token. The ID token contains information about the end-user, such as their identity and email address, while the access token can be used to access protected resources on behalf of the end-user.

OIDC uses JSON Web Tokens (JWTs) as the format for the ID and access tokens. JWTs are compact, URL-safe, and digitally signed tokens that can be easily verified by the client application.
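The checks a client runs on an ID token before trusting it are sketched below as an added example; it is not code from the original page. The function names, issuer URL, client ID and nonce are hypothetical, and the generated key pair stands in for the key a real client would load from the provider's published key set. It goes slightly beyond the text by also checking the issuer, audience, expiry and nonce claims, not just the signature.

```javascript
const crypto = require("crypto");
const b64u = (x) => Buffer.from(x).toString("base64url");

// Constructed provider key pair (assumption: a real client loads the public key from the provider).
const { publicKey, privateKey } = crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });

// Constructed token issuer standing in for the authorization server (hypothetical helper).
function signIdToken(claims, header = { alg: "RS256", typ: "JWT" }, key = privateKey) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  const sig = header.alg === "RS256" ? crypto.sign("RSA-SHA256", Buffer.from(input), key) : Buffer.alloc(0);
  return `${input}.${sig.toString("base64url")}`;
}

// Returns the claims if every check passes, otherwise throws with the reason.
function validateIdToken(token, { issuer, clientId, nonce, key, now = Date.now() / 1000 }) {
  const parts = token.split(".");
  if (parts.length !== 3) throw new Error("malformed token");
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, "base64url").toString());
  // Pin the algorithm: the token's own header must not choose how it is verified.
  if (header.alg !== "RS256") throw new Error("unexpected alg");
  const ok = crypto.verify("RSA-SHA256", Buffer.from(`${h}.${p}`), key, Buffer.from(s, "base64url"));
  if (!ok) throw new Error("bad signature");
  const claims = JSON.parse(Buffer.from(p, "base64url").toString());
  if (claims.iss !== issuer) throw new Error("wrong issuer");
  // aud may be a single string or an array; this client must be listed.
  if (![].concat(claims.aud).includes(clientId)) throw new Error("wrong audience");
  if (typeof claims.exp !== "number" || claims.exp <= now) throw new Error("expired");
  // The nonce ties the token to the login request this client started.
  if (claims.nonce !== nonce) throw new Error("nonce mismatch");
  return claims;
}

// Hypothetical wrapper that reports the rejection reason as a string.
function check(token, expected) {
  try { validateIdToken(token, expected); return "ok"; } catch (e) { return e.message; }
}

// Constructed sample values.
const expected = { issuer: "https://idp.example", clientId: "my-client", nonce: "n-123", key: publicKey };
const base = { iss: "https://idp.example", sub: "user-1", aud: "my-client", nonce: "n-123",
  exp: Math.floor(Date.now() / 1000) + 300 };

console.log(check(signIdToken(base), expected));
console.log(check(signIdToken({ ...base, aud: "other-client" }), expected));
console.log(check(signIdToken(base, { alg: "none" }), expected));
```
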

OIDC provides several benefits over traditional username/password authentication, including improved security, simpler integration with third-party identity providers, and better user experience. It is widely used in modern web and mobile applications to authenticate users and manage access to protected resources.
