OIDC (OpenID Connect)

OpenID Connect (OIDC) is an identity layer built on top of OAuth 2.0 that enables authentication and single sign-on (SSO) across multiple applications using a single set of credentials.

OpenID Connect (OIDC) is an identity layer that works in conjunction with the OAuth 2.0 framework to provide authentication and single sign-on (SSO) capabilities. While OAuth 2.0 is primarily used for authorization (granting access to resources), OIDC extends its functionality to include authentication, allowing users to verify their identity across different applications without needing to re-enter their credentials multiple times.

OIDC operates by issuing an ID token in addition to the standard OAuth 2.0 access token. The ID token contains information about the user, such as their unique identifier (sub), authentication timestamp, and other profile data, which the relying party (the application) can use to authenticate the user.

This protocol is widely used in scenarios where secure and scalable authentication is needed, such as enabling users to log in to third-party applications using their Google or Facebook accounts. OIDC is designed to be simple to implement, allowing developers to integrate robust authentication into their applications with minimal effort.

In summary, OpenID Connect (OIDC) enhances OAuth 2.0 by adding authentication capabilities, enabling secure single sign-on (SSO) across multiple applications with a single set of user credentials.