Menu
How would you design and implement OpenID components?
(Was "How does OpenId work")
I realize this question is somewhat of a duplicate, and yes, I have read the spec and the wikipedia article.
After reading the materials mentioned above, I still don't have a complete picture in my head of how each step in the process is handled. Maybe what's missing is a good workflow diagram for how an implementation of OpenID works.
I'm considering incorporating OpenID into one of my applications to accomodate a B2B single-sign-on scenario, and I will probably go with DotNetOpenID instead of trying to implement it myself, but I still want a better grasp of the particulars before I get started.
Can anyone recommend books or websites that do a good job of explaining it all? It wouldn't hurt to have an answer that covers the basics here on this site as well.
[Edit]
I changed the title to be more implementation-specific, since there are obviously plenty of places to get the ten-thousand-foot view.
700
OpenID Connect (OIDC) is an open authentication protocol that works on top of the OAuth 2.0 framework. Targeted toward consumers, OIDC allows individuals to use single sign-on (SSO) to access relying party sites using OpenID Providers (OPs), such as an email provider or social network, to authenticate their identities.
Open the IAM console at https://console.aws.amazon.com/iam/ . In the navigation pane, choose Identity providers, and then choose Add provider. For Configure provider, choose OpenID Connect. For Provider URL, type the URL of the IdP.
This page has a nice flow diagram.
I found this link on the OpenID Wiki, you might want to check there for more resources.
54
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
