OIDC: Identity Layer on OAuth2
Discover how OpenID Connect adds an identity layer atop OAuth2, enabling authentication and identity federation.
Welcome to OpenID Connect!
You've learned about OAuth2 for authorization. Now, let's explore OpenID Connect (OIDC), the identity layer built on top of OAuth2.
OIDC helps applications verify a user's identity and get basic profile information securely.
OAuth2: Delegation, Not Identity
Remember, OAuth2 is an authorization protocol. It's designed to grant limited access to a user's resources without sharing their credentials.
- It tells you what a client can do.
- It doesn't tell you who the user is.
All lessons in this course
- OIDC: Identity Layer on OAuth2
- ID Tokens & Claims
- OIDC Flows Overview
- The UserInfo Endpoint