OpenId Connect Terminologies

Learn the fundamental OpenID Connect terminologies such as identity tokens, scopes, claims, and the primary endpoints used for authentication and user information exchange. Understand how tokens encode user data and the validation steps required to secure applications.

We'll cover the following...

Identity token
Scope
Claims
Endpoints

1. Authorization endpoint
2. Token endpoint
3. UserInfo endpoint

Here is the important terminology of OpenId Connect.

Identity token

While discussing OAuth, we discussed the authorization code and access token. In the case of OpenId Connect, there is one more token that we can request. This token is called the identity token, which encodes the user’s authentication information.

In contrast to access tokens, which are only intended to be understood by the resource server, ID tokens are intended to be understood by the client application. The ID token contains the user information in JSON format. The JSON is wrapped into a ...

1.Getting started with Web Application Security

2.HTTPS Basics

3.JSON Web Token

4.OAuth

5.OpenID Connect

6.Conclusion

OpenId Connect Terminologies

Identity token