
OIDC (OpenID Connect)

What is OIDC?

OIDC (OpenID Connect) is an identity layer on top of the OAuth 2.0 protocol, used for authentication and authorization. It allows applications to verify the identity of users and obtain basic profile information.

  1. OAuth 2.0 Protocol: OIDC builds on OAuth 2.0, which is a framework for token-based authorization.

  2. Identity Provider (IdP): The service that authenticates the user and issues tokens. In our case, Hideez Identity Cloud is an Identity Provider.

  3. Client/Application: The application that the user wants to access, which relies on the Hideez Identity Cloud to authenticate the user.

How does OIDC work?

  1. User Requests Access: The user tries to access an application (the Client).

  2. Client Redirects to Hideez Identity Cloud: The application redirects the user to the identity provider for authentication.

  3. User Authenticates: The user logs in at the Hideez Identity Cloud.

  4. Hideez Identity Cloud Issues Tokens: Upon successful authentication, the cloud server issues an ID token, an access token, and optionally a refresh token to the client.

  5. Client Uses ID Token: The application uses the ID token to verify the user's identity and obtain profile information.

Tokens:

  • ID Token: Contains information about the user (e.g., user ID, name, email) and is used to verify the user's identity.

  • Access Token: Used to access protected resources and APIs on behalf of the user.

  • Refresh Token: Used to obtain new access tokens without requiring the user to log in again.

OIDC is widely used for enabling single sign-on (SSO) and is designed to be simple, RESTful, and interoperable across various platforms and applications. It enhances user experience by providing a consistent login process and simplifies application development by handling user authentication through standardized tokens.

Configuring application as Client for OIDC (OpenID Connect)

  • Log in to the Hideez Identity Cloud.

  • Go to Integration → OIDC → Create Client.

  • Here, you can fill in the necessary data about your Service Provider (Client):

Creation of Client

Please see the guide on how to: Configuration of Hideez Cloud as an External Authentication Method for Microsoft Entra ID via OIDC.

If you need assistance with server setup or configuring SAML/OIDC, our support team is also available to help. We’ll be happy to assist you!