OpenID Connect


Last updated 3 months ago

About

OpenID = OAuth 2.0 + Authentication.

OpenID 1.0 allows users to authenticate on different sites using a single identity, but this version has several limitations and security vulnerabilities.

In 2007 it was replaced by OpenID 2.0, which increased security, added multi-factor authentication features and added support for several identity providers.

OpenID is a token-based authentication layer over the OAuth 2.0 protocol.

It was created to provide federated authentication in web and mobile apps, allowing users to log in to different apps using the credentials of a single identity.

It is based on concepts like:

  • Authentication flows;
  • Access tokens;
  • Token updates;
  • Checkable identities.
