Prepared for the 8th Information Security Technology Trend Research Task Group Meeting, December 22, 2011
http://www.ipa.go.jp/security/outline/committee/isec_tech1.html
The Client sends a request to the Authorization Server's End-User Authorization Endpoint. The Authorization Server authenticates the End-User and obtains appropriate authorization. The Authorization Server responds with an Access Token, an Id Token, and a few other variables. Optionally, the Client sends a request with the ID Token to the Authorization Server's Check ID Endpoint . Optionally, the Check ID Endpoint responds with authentication information pertaining to the supplied ID Token. The Client sends a request with the Access Token to the UserInfo Endpoint . UserInfo Endpoint returns the additional End-User information supported by the Resource Server.