Web Authentication - OpenID

About

OpenID is an open standard and decentralized authentication protocol.

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol.

The OpenID Connect protocol is a flavor of OAuth 2.0.

It enables Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

OpenID Discovery

Example from Dex, which serves its provider metadata at the /.well-known/openid-configuration path:

curl http://127.0.0.1:5556/dex/.well-known/openid-configuration
{
  "issuer": "http://127.0.0.1:5556",
  "authorization_endpoint": "http://127.0.0.1:5556/auth",
  "token_endpoint": "http://127.0.0.1:5556/token",
  "jwks_uri": "http://127.0.0.1:5556/keys",
  "response_types_supported": [
    "code"
  ],
  "subject_types_supported": [
    "public"
  ],
  "id_token_signing_alg_values_supported": [
    "RS256"
  ],
  "scopes_supported": [
    "openid",
    "email",
    "profile"
  ]
}
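
A client takes its endpoints and signing-key location from this document, so it is worth validating before use. The following is an added example (not from the original page or from Dex): a Python check of the rules OpenID Connect Discovery 1.0 sets for the response, run over the JSON shown above. The names check_discovery, REQUIRED and the finding strings are this example's own, and token_endpoint is treated as required, which holds for providers offering the code flow.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")

# Discovery response shown on this page (Dex), embedded so the check runs offline.
DEX_SAMPLE = json.loads("""{
  "issuer": "http://127.0.0.1:5556",
  "authorization_endpoint": "http://127.0.0.1:5556/auth",
  "token_endpoint": "http://127.0.0.1:5556/token",
  "jwks_uri": "http://127.0.0.1:5556/keys",
  "response_types_supported": ["code"],
  "subject_types_supported": ["public"],
  "id_token_signing_alg_values_supported": ["RS256"],
  "scopes_supported": ["openid", "email", "profile"]
}""")

def check_discovery(discovery_url, doc):
    """Return a list of findings for a discovery document fetched from discovery_url."""
    findings = []
    missing = [k for k in REQUIRED if k not in doc]
    if missing:
        findings.append("missing required metadata: " + ", ".join(missing))
    if not discovery_url.endswith(WELL_KNOWN):
        findings.append("URL does not end with " + WELL_KNOWN)
    else:
        # The issuer is the discovery URL minus the well-known suffix; the
        # document must repeat it exactly (string comparison, no normalisation).
        expected = discovery_url[: -len(WELL_KNOWN)]
        if doc.get("issuer") != expected:
            findings.append(f"issuer mismatch: expected {expected!r}, got {doc.get('issuer')!r}")
    issuer = urlsplit(doc.get("issuer", ""))
    if issuer.scheme != "https":
        findings.append("issuer is not https")
    if issuer.query or issuer.fragment:
        findings.append("issuer contains a query or fragment component")
    algs = doc.get("id_token_signing_alg_values_supported", [])
    if "RS256" not in algs:
        findings.append("RS256 missing from id_token_signing_alg_values_supported")
    if "none" in algs:
        findings.append("provider advertises alg 'none' for ID Tokens")
    return findings

if __name__ == "__main__":
    for f in check_discovery("http://127.0.0.1:5556/dex" + WELL_KNOWN, DEX_SAMPLE):
        print("-", f)
```

Run against the URL and response shown above, it reports two findings: the URL implies the issuer http://127.0.0.1:5556/dex while the document states http://127.0.0.1:5556, and the issuer uses http rather than https.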
