OIDC (OpenID Connect)

What is OIDC?

OIDC (OpenID Connect) is an identity layer on top of the OAuth 2.0 protocol, used for authentication and authorization. It allows applications to verify the identity of users and obtain basic profile information.

  1. OAuth 2.0 Protocol: OIDC builds on OAuth 2.0, which is a framework for token-based authorization.

  2. Identity Provider (IDP): The service that authenticates the user and issues tokens. In our case, Hideez Identity Cloud is an Identity Provider.

  3. Client/Application: The application that the user wants to access, which relies on the Hideez Identity Cloud to authenticate the user.

How does OIDC work?

  1. User Requests Access: The user tries to access an application (the Client).

  2. Client Redirects to Hideez Identity Cloud: The application redirects the user to the identity provider for authentication.

  3. User Authenticates: The user logs in at the Hideez Identity Cloud.

  4. Hideez Identity Cloud Issues Tokens: Upon successful authentication, the cloud server an ID token, access token, and optionally a refresh token to the client.

  5. Client Uses ID Token: The application uses the ID token to verify the user's identity and obtain profile information.

Tokens:

  • ID Token: Contains information about the user (e.g., user ID, name, email) and is used to verify the user's identity.

  • Access Token: Used to access protected resources and APIs on behalf of the user.

  • Refresh Token: Used to obtain new access tokens without requiring the user to log in again.

OIDC is widely used for enabling single sign-on (SSO) and is designed to be simple, RESTful, and interoperable across various platforms and applications. It enhances user experience by providing a consistent login process and simplifies application development by handling user authentication through standardized tokens.

Configuring application as Client for OIDC (OpenID Connect)

  • Login to the Hideez Identity Cloud.

  • Go to Integration → OIDC→Create Client.

  • Here, you can fill in the necessary data about your Service Provider (Client):

Creation of Client

Please see the guide on how to:

If you need assistance with server setup or configuring SAML/OIDC, our support [email protected] team is also available to help. We’ll be happy to assist you!

PreviousOktaNextServices that support OIDC and their configuration as Client

Last updated