• Stands for Open ID Connect
  • Builds on top of OAuth 2.0
  • Instead of just giving back Access Token, it also gives back a ‘badge’ - information who you are ID Token

The workflow is pretty similar to OAuth 2.0 except

  1. Scope in Consent has OPENID
  2. Client receives both Access Token & ID Token

ID Token

Identity Provider