From the course: Microservices: Security
Join today to access over 24,200 courses taught by industry experts.
Issuing identity tokens with OIDC
From the course: Microservices: Security
Issuing identity tokens with OIDC
- [Instructor] The OAuth two standard does leave a bit of a gap because it's solely focused on authorization. The standard does not provide any guidance on how to identify or authenticate end-users. To fill this gap, OpenID Connect was introduced. OpenID Connect is a thin identity layer that sits on top of OAuth. The standard describes how capabilities like authentication and user profile information are delivered using an authentication request, an ID token and a user info endpoint. OpenID Connect or OIDC, establishes a standalone identity provider that is separate from the client application. The architecture allows multiple client applications to leverage the same identity service for authentication. This is opposed to each one building their own and storing credentials. You've probably seen this scenario before. Organizations like LinkedIn, Google or Facebook allow applications they don't own to use their identity…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.