OpenID Connect (OIDC)
- It is an identity layer built on top of the OAuth 2.0 framework and provides authentication.
- It is primarily used for authentication and profile creation
- In contrast to OAuth, It is rigidly defined
- It has strictly defined JWTs
- It has numerous extensions
- Compared to OAuth:
- Adds ID Tokens
- Adds Userinfo endpoint
- Restricts to the following grant types:
- Authorization Code
- Implicit