Introduction to OpenID Connect


OpenID Connect is an extension of the OAuth 2.0 protocol that adds identity information for the application. In plain OAuth 2.0, the application obtains a security/authorization token that it can use to access downstream APIs. With OpenID Connect, the application can additionally learn who the end user is and retrieve their profile information, in two ways:

Get an id_token
Retrieve profile information from the UserInfo endpoint using token

The id_token consists of three Base64url-encoded parts separated by a dot (.): the header, the payload (claims) and the signature.

For example


We take the token above, split it on the dots and Base64url-decode each part, which gives the three values below:





One needs to perform some validations to make sure that the token was issued by a trusted party before relying on it.
Some of the data in the payload can be verified, such as iss (the issuer).
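The following is an added example, not code from the original post: it splits an id_token into its three Base64url parts, then validates the signature, the iss, aud and exp claims before trusting the payload. To keep it runnable offline it signs a constructed token with HS256 and a made-up client secret (OpenID Connect allows HS256 keyed with the client_secret; providers more commonly use RS256 with the keys published at jwks_uri, which would replace the HMAC check). All names, URLs and claim values are constructed for this example.

```python
import base64
import hashlib
import hmac
import json
import time


def b64url_decode(segment):
    """Base64url-decode one JWT segment, restoring the padding JWTs strip."""
    padding = "=" * (-len(segment) % 4)
    return base64.urlsafe_b64decode(segment + padding)


def b64url_encode(data):
    """Base64url-encode bytes without padding, as JWTs do."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def split_id_token(token):
    """Return (header dict, payload dict, raw signature bytes) of a compact JWT."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("id_token must have exactly three dot-separated parts")
    header = json.loads(b64url_decode(parts[0]))
    payload = json.loads(b64url_decode(parts[1]))
    signature = b64url_decode(parts[2])
    return header, payload, signature


def make_id_token(claims, secret):
    """Build a constructed HS256 id_token so the example runs offline (hypothetical issuer)."""
    header = {"alg": "HS256", "typ": "JWT"}
    signing_input = b64url_encode(json.dumps(header).encode()) + "." + b64url_encode(json.dumps(claims).encode())
    signature = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(signature)


def validate_id_token(token, secret, expected_iss, expected_aud, now=None):
    """Verify signature, issuer, audience and expiry; return the payload only if all pass."""
    header, payload, signature = split_id_token(token)
    # Pin the algorithm: never let the token choose (rejects "none" and algorithm confusion).
    if header.get("alg") != "HS256":
        raise ValueError("unexpected alg: %r" % header.get("alg"))
    signing_input = token.rsplit(".", 1)[0].encode("ascii")
    expected_sig = hmac.new(secret, signing_input, hashlib.sha256).digest()
    if not hmac.compare_digest(signature, expected_sig):
        raise ValueError("signature does not verify")
    if payload.get("iss") != expected_iss:
        raise ValueError("iss mismatch: %r" % payload.get("iss"))
    aud = payload.get("aud")
    aud_list = aud if isinstance(aud, list) else [aud]  # aud may be a string or a list
    if expected_aud not in aud_list:
        raise ValueError("token not intended for this client")
    now = int(time.time()) if now is None else now
    if now >= int(payload.get("exp", 0)):
        raise ValueError("token expired")
    return payload


if __name__ == "__main__":
    # Constructed sample values; a real token comes from the provider's token endpoint.
    secret = b"constructed-client-secret"
    claims = {"iss": "https://issuer.example", "aud": "my-client-id",
              "sub": "user-123", "iat": 1700000000, "exp": 1700003600}
    token = make_id_token(claims, secret)
    print(split_id_token(token)[:2])
    print(validate_id_token(token, secret, "https://issuer.example", "my-client-id", now=1700000100))
```

The decode step alone tells you what the token claims; only the validation step tells you whether to believe it, so the payload is returned solely from validate_id_token.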

Let's get the OpenID Connect configuration (the discovery document).
It returns a payload with details such as token_endpoint, jwks_uri, userinfo_endpoint and scopes_supported.

The application can then call the userinfo_endpoint with the token to get the user's info/profile details.
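As an added example (not from the original post), this parses a constructed discovery document, checks that it is the one for the expected issuer and that its endpoints use https before any of them is used, and builds the UserInfo request that follows. The discovery URL form (/.well-known/openid-configuration) and the issuer-match requirement come from the OpenID Connect Discovery specification; the issuer, endpoints and scopes in SAMPLE_DISCOVERY are made up for this example.

```python
import json
from urllib.parse import urlsplit

# Constructed sample discovery document (a real one is fetched from
# <issuer>/.well-known/openid-configuration); every value here is made up.
SAMPLE_DISCOVERY = json.dumps({
    "issuer": "https://issuer.example",
    "authorization_endpoint": "https://issuer.example/oauth2/authorize",
    "token_endpoint": "https://issuer.example/oauth2/token",
    "jwks_uri": "https://issuer.example/.well-known/jwks.json",
    "userinfo_endpoint": "https://issuer.example/userinfo",
    "scopes_supported": ["openid", "profile", "email"],
    "id_token_signing_alg_values_supported": ["RS256"],
})

REQUIRED_KEYS = ("issuer", "token_endpoint", "jwks_uri", "userinfo_endpoint")
ENDPOINT_KEYS = ("token_endpoint", "jwks_uri", "userinfo_endpoint")


def discovery_url(issuer):
    """Where the provider's configuration is published, per OIDC Discovery."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"


def load_discovery(expected_issuer, document_text):
    """Parse a discovery document and refuse it unless it is consistent with expected_issuer."""
    doc = json.loads(document_text)
    missing = [k for k in REQUIRED_KEYS if k not in doc]
    if missing:
        raise ValueError("discovery document missing keys: %s" % ", ".join(missing))
    # The spec requires the issuer value to be identical to the issuer URL the client uses;
    # a mismatch means the document (or the id_token's iss later) should not be trusted.
    if doc["issuer"] != expected_issuer:
        raise ValueError("issuer mismatch: %r" % doc["issuer"])
    for key in ENDPOINT_KEYS:
        parts = urlsplit(doc[key])
        # Tokens and profile data travel to these URLs, so insist on TLS.
        if parts.scheme != "https" or not parts.netloc:
            raise ValueError("%s must be an https URL, got %r" % (key, doc[key]))
    if "openid" not in doc.get("scopes_supported", []):
        raise ValueError("provider does not advertise the openid scope")
    return doc


def userinfo_request(config, access_token):
    """Return (url, headers) for the UserInfo call: a GET with a Bearer access token."""
    if not access_token:
        raise ValueError("access token required")
    return config["userinfo_endpoint"], {"Authorization": "Bearer " + access_token}


if __name__ == "__main__":
    issuer = "https://issuer.example"
    print(discovery_url(issuer))
    cfg = load_discovery(issuer, SAMPLE_DISCOVERY)
    print(userinfo_request(cfg, "constructed-access-token"))
```

Endpoints are only required to be https here, not to share the issuer's host, because providers may legitimately serve jwks_uri or userinfo from another hostname.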
