Identity & Access
OpenID Connect (OIDC)
Also known as: OIDC
Definition
An identity layer built on top of OAuth 2.0 that lets clients verify a user's identity and obtain basic profile information via signed ID tokens.
Examples
- A web app using "Sign in with Microsoft" via OIDC to authenticate corporate users.
- A mobile app validating an ID token from Auth0 before granting access to user data.
Related terms
OAuth 2.0
An open authorization framework that lets a resource owner grant a third-party application limited, scoped access to an API without sharing credentials.
Single Sign-On (SSO)
An authentication scheme that lets a user sign in once at a trusted identity provider and then access many applications without re-entering credentials.
Federated Identity
An arrangement in which separate organizations or domains trust a common identity provider so users can use one identity across all of them.
SAML
An XML-based open standard for exchanging authentication and authorization assertions between an identity provider and a service provider.
Authentication
The process of verifying that an entity — user, device or service — really is who or what it claims to be before granting access.
Identity and Access Management (IAM)
A discipline and set of technologies for defining digital identities and controlling which resources each identity may access under which conditions.