Embed Size (px)
Citation preview
• Openid Connect
https://store.theartofservice.com/the-openid-connect-toolkit.html
Webfinger
1 WebFinger is specified as the discovery protocol for OpenID
Connect,[http://openid.net/specs/openid-connect-discovery-1_0-17.html
OpenID Connect Discovery 1.0] which is a protocol that allows one to more easily log into various sites on
the Internet.[http://openid.net/connect/
Welcome to OpenID Connect]https://store.theartofservice.com/the-openid-connect-toolkit.html
Microsoft account - Support for OpenID
1 There had been no update on Microsoft's planned implementation of OpenID since August 2009.
[http://blogs.technet.com/b/privacyimperative/archive/2009/08/28/windows-live-id-openid-status-
update.aspx Windows Live ID OpenID Status Update] however since November 2013 Microsoft
have publicly participated in OpenID Connect interoperability testing.http://www.thread-
safe.com/2013/11/microsoft-publicly-participates-in.htmlhttp://msdn.microsoft.com/en-us/library/
live/hh826544.aspx
https://store.theartofservice.com/the-openid-connect-toolkit.html
OpenID Connect
1 'OpenID Connect' ('OIDC') is an authentication layer on top of
OAuth#OAuth 2.0|OAuth 2.0, an authorization framework. The
standard is controlled by the OpenID Foundation.
https://store.theartofservice.com/the-openid-connect-toolkit.html
OpenID Connect - Description
1 In technical terms, OpenID Connect specifies a RESTful HTTP API, using JSON as a data
format
https://store.theartofservice.com/the-openid-connect-toolkit.html
OpenID Connect - Description
1 OpenID Connect allows a range of clients, including Web-based, mobile, and JavaScript clients, to request and
receive information about authenticated sessions and end-users. The specification suite is
Extensibility|extensible, supporting optional features such as encryption of identity data, discovery of OpenID Providers, and session management.
https://store.theartofservice.com/the-openid-connect-toolkit.html
OpenID Connect - Adoption
1 Companies that have started to use OpenID Connect include Google,
Microsoft, Deutsche Telekom, salesforce.com, and the Nomura
Research Institute.
https://store.theartofservice.com/the-openid-connect-toolkit.html
User-Managed Access - History and background
1 UMA does not use or depend on OpenID 2.0 as a means of user
identification. However, it optionally uses the OAuth-based OpenID
Connect protocol as a means of collecting identity claims from a
requesting party in order to attempt to satisfy the authorizing user's
access policy.
https://store.theartofservice.com/the-openid-connect-toolkit.html
Single Sign On
1 Other shared authentication schemes not to be confused with SSO include OAuth, OpenID, OpenID Connect and
Facebook Platform#Facebook Connect|Facebook Connect, which require the user to enter their login credentials each time they access a
different site or application.
https://store.theartofservice.com/the-openid-connect-toolkit.html
Single Sign On - Mobile devices as access controllers
1 A newer variation of single sign-on authentication has been developed using
mobile devices as access controllers. Users' mobile devices can be used to automatically
log them onto multiple systems, such as building access control systems and computer
systems, through the use of authentication methods which include OpenID Connect and
SAML, in conjunction with an X.509 ITU-T cryptography certificate used to identify the
mobile device to an access server.
https://store.theartofservice.com/the-openid-connect-toolkit.html
For More Information, Visit:
• https://store.theartofservice.com/the-openid-connect-toolkit.html
The Art of Servicehttps://store.theartofservice.com
![[OSSParis 2015] The OpenID Connect Protocol](https://img.pdfslide.us/doc/110x75/58edf5bb1a28ab8c708b464b/ossparis-2015-the-openid-connect-protocol.jpg)
