OpenID Connect/OAuth2 SSO

OpenID Connect is a Single sign-on (SSO) protocol based on OAuth authentication that is supported by the Genero Application Server.

When an end-user makes a request to access an application or web service implemented with SSO, the Identity Provider (IdP) provides tokens (ID and access) defined by the OAuth2 protocol to give them access to the application or resource based on a single sign in with their username and password.

The core protocol is OAuth2, while the OpenID Connect is an identity protocol that utilizes the authorization and authentication mechanisms of OAuth 2.0. OpenID Connect provides a simple and central way to gather all the endpoint URLs required by the OAuth2 protocol, such as getting the access token, retrieving the certificates to verify signature, and so on. To learn more about OpenID Connect, see the OpenID Connect web site.

Tip:

Read all of the OpenID Connect/OAuth2 topics in this section for details on features provided by OpenID Connect/OAuth2 SSO support in the Genero Application Server; including attributes gathering or authorization control.