OpenID Connect extends OAuth by adding authentication to authorization, so an application can learn the identity of the user and not just obtain access to resources. It does this by carrying the knowledge of who the user is over OAuth's existing delegation protocol. OpenID Connect merges ideas from SAML artifact binding, the older OpenID, and OAuth 1, improving on each as an authentication process. Because it builds on OAuth 2, OpenID Connect sends a message back to the client that identifies the user who is logging in. This integration also lets access tokens be used across different APIs, preserving security while retrieving different kinds of user information. Together, OAuth and OpenID Connect give developers a comprehensive way to access diverse user data securely and efficiently.
OAuth is an open standard for access delegation. It lets users grant websites or applications access to their information on other websites, but without giving away passwords.
OpenID Connect is an identity layer on top of OAuth. Even if you haven’t programmed using OAuth and OpenID Connect, you’ve certainly used them for authentication on Google, Facebook, Spotify, and countless other services.
Authlete is a service that provides a set of APIs to implement OAuth authorization servers, and OpenID Connect identity providers.
Justin Richer is the Principal Architect at Authlete and is part of the working group that developed OAuth 2.0. He joins the podcast to talk about the history of OAuth, OAuth as a delegation protocol, the Authlete API, and much more.
Gregor Vand is a security-focused technologist, and is the founder and CTO of Mailpass. Previously, Gregor was a CTO across cybersecurity, cyber insurance and general software engineering companies. He has been based in Asia Pacific for almost a decade and can be found via his profile at vand.hk.
The post Authlete and Making OAuth Accessible with Justin Richer appeared first on Software Engineering Daily.