OIDC, or OpenID Connect, is an open standard for authenticating and authorizing users in web and mobile applications. It is built on OAuth 2.0, a protocol for exchanging authorization between web applications and Application Programming Interfaces (APIs).
OpenID Connect provides a secure way to authenticate users without requiring them to use separate login credentials for each application. With OIDC, a user can log in to a single Identity Provider platform, which then conveys the user’s identity to the web or mobile applications the user wishes to access.
The protocol enhances security by employing various technologies and standards, including JSON Web Tokens (JWT) and Transport Layer Security (TLS), and supports multiple authentication factors such as passwords, biometric data, and physical security keys.
Supported and implemented by numerous companies and organizations, including Google, Microsoft, Salesforce, and the U.S. government, OIDC offers a standardized method for secure and convenient user authentication across various use cases.