OIDC (OpenID Connect)

What is OIDC?

  1. OAuth 2.0 Protocol: OIDC builds on OAuth 2.0, which is a framework for token-based authorization.

  2. Identity Provider (IdP): The service that authenticates the user and issues tokens. In our case, Hideez Identity Cloud is an Identity Provider.

  3. Client/Application: The application that the user wants to access, which relies on the Hideez Identity Cloud to authenticate the user.

How does OIDC work?

  1. User Requests Access: The user tries to access an application (the Client).

  2. Client Redirects to Hideez Identity Cloud: The application redirects the user to the identity provider for authentication.

  3. User Authenticates: The user logs in at the Hideez Identity Cloud.

  4. Hideez Identity Cloud Issues Tokens: Upon successful authentication, the cloud server an ID token, access token, and optionally a refresh token to the client.

  5. Client Uses ID Token: The application uses the ID token to verify the user's identity and obtain profile information.

Tokens:

  • ID Token: Contains information about the user (e.g., user ID, name, email) and is used to verify the user's identity.

  • Access Token: Used to access protected resources and APIs on behalf of the user.

  • Refresh Token: Used to obtain new access tokens without requiring the user to log in again.

OIDC is widely used for enabling single sign-on (SSO) and is designed to be simple, RESTful, and interoperable across various platforms and applications. It enhances user experience by providing a consistent login process and simplifies application development by handling user authentication through standardized tokens.

Configuring application as Client for OIDC (OpenID Connect)

  • Go to Integration → OIDC→Create Client.

  • Here, you can fill in the necessary data about your Service Provider (Client):

Creation of Client

If you need assistance with server setup or configuring SAML/OIDC, our support [email protected] team is also available to help. We’ll be happy to assist you!

Last updated