sajad torkamani

In a nutshell

OpenID Connect is an open standard and decentralized authentication protocol that allows applications and services (known as relying parties or RP) to authenticate users using third-party identity providers (e.g., Google or Facebook).

Once users authenticate using an identity provider, the relying party receives an ID token (a JWT) from the identity provider that proves the user has authenticated and that can provide additional user details (e.g., name or email) in the JWT payload.

What is OpenID connect?

Why does it exist?

Building a secure and robust registration / login system is time-consuming and difficult. OpenID makes the process easier by eliminating the need for developers to implement their own registration / login systems.

Key terms

End userThe entity that wants to assert their identity.
Relying party (RP) / Service providerWebsite or app that wants to verify the end user’s identity.
Identity provider / OpenID provider (OP)The service that specializes in registering OpenID URLs or XRIs.

Other notes

The term OpenID can also refer to an identifier as specified in the OpenID standard. These identifiers are typically a URI that’s managed by an OpenID provider.