OpenID Connect Integration
Extend OAuth 2.0 with authentication and standardized identity claims
What is OpenID Connect?
OpenID Connect (OIDC) is an identity layer built on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the end-user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the end-user.
Key Features
- Standardized identity attributes (claims) about the user
- Cryptographically signed ID Tokens in JWT format
- Standardized UserInfo endpoint for additional claims
- Multiple authentication flows
- Session management capabilities
Basic OpenID Connect Flow
- Client requests authentication by redirecting to Haspass with `openid` scope
- User authenticates and consents
- Haspass returns ID Token along with Access Token
- Client can request additional claims from UserInfo endpoint
- Client validates ID Token signature and claims
Required Scopes
| Scope | Description |
|---|---|
| `openid` | Required for OpenID Connect flows |
| `profile` | Basic profile information (name, picture, etc.) |
| `email` | User's email address |