OIDC (OpenID Connect)

What is OIDC?

1. OAuth 2.0 Protocol: OIDC builds on OAuth 2.0, which is a framework for token-based authorization.

2. Identity Provider (IdP): The service that authenticates the user and issues tokens. In our case, Hideez Identity Cloud is an Identity Provider.

3. Client/Application: The application that the user wants to access, which relies on the Hideez Identity Cloud to authenticate the user.

How does OIDC work?

1. User Requests Access: The user tries to access an application (the Client).

2. Client Redirects to Hideez Identity Cloud: The application redirects the user to the identity provider for authentication.

3. User Authenticates: The user logs in at the Hideez Identity Cloud.

4. Hideez Identity Cloud Issues Tokens: Upon successful authentication, the cloud server an ID token, access token, and optionally a refresh token to the client.

5. Client Uses ID Token: The application uses the ID token to verify the user's identity and obtain profile information.

Tokens:

• ID Token: Contains information about the user (e.g., user ID, name, email) and is used to verify the user's identity.

• Access Token: Used to access protected resources and APIs on behalf of the user.

• Refresh Token: Used to obtain new access tokens without requiring the user to log in again.

OIDC is widely used for enabling single sign-on (SSO) and is designed to be simple, RESTful, and interoperable across various platforms and applications. It enhances user experience by providing a consistent login process and simplifies application development by handling user authentication through standardized tokens.

Configuring application as Client for OIDC (OpenID Connect)

• Login to the Hideez Identity Cloud.

• Go to Integration → OIDC→Create Client.

• Here, you can fill in the necessary data about your Service Provider (Client):

Creation of Client