OpenID Connect vs. OpenID 1 & 2


Published on

OpenID Connect is the newest iteration of the OpenID Internet authentication standard that’s been developed in coordination by Google, Facebook, Microsoft and others at the OpenID Foundation.

OpenID Connect performs many of the same tasks as OpenID 1 & 2, but does so in a way that is API-friendly, and usable by native and mobile applications.

OpenID 1 and 2 lend part of their name, but Connect is a complete re-write that is fundamentally better architected for the modern web in a few important ways.

Published in: Technology, Education
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

OpenID Connect vs. OpenID 1 & 2

  1. 1. OpenID Connect vs. OpenID 1 & 2 3 important new features Connect has that OpenID 1 & 2 didn’t.
  2. 2. What is OpenID? ● Open standard for authentication ● Developed by members of OpenID Foundation ● Framework for the communication that must take place between IDP & RP
  3. 3. Problems w/ OpenID 1 & 2 ● URI’s as the identifier were too hard for people to remember ● Not API & Mobile friendly ● No support for robust signing & encryption
  4. 4. Enhancements to Connect 1) Discovery: provides a scalable way for RP’s to allow people to authenticate via any OpenID Connect Provider, not just major IDP’s like Google & Facebook.
  5. 5. Enhancements to Connect 2) Email as the identifier: People never have trouble remembering their email addresses, and email is an intuitive way to think about resource access (i.e. Am I accessing business content? Ok, then I use my business email creds).
  6. 6. Enhancements to Connect 3) Dynamic Client Registration: In order to support the growing number of devices and API’s using the web, Connect allows clients to register dynamically, relieving admins of the time-consuming task of explicitly registering devices and websites.
  7. 7. Why Else is Connect Promising? ● Support from every major identity provider including Google, MSFT, Yahoo & Facebook. ● JSON / REST > XML ● OAuth2 already in use by 85%+ of consumer social logins.
  8. 8. Gluu’s OpenID Connect Server ● oxAuth is the leading OpenID Connect implementation in interop tests. ● 100% open source. ● Currently in production at large organizations.
  9. 9. How to prepare for Connect ● People: Not much. Social login is already ubiquitous on the net. ● Organizations: Launch an OpenID Connect provider and discovery service. ● Developers: Add Connect to your roadmap. Libraries already exist in Java, Python, and other popular platforms.
  10. 10. More Resources ● Open ID Connect website: http: // ● Open Source OX Wiki: http: // ● Interop Test Results: http://osis. OC5_OP