🌌
Privacy Village Academy
Join The Community!AcademyAbout HGPE
  • Hitchhiker's Guide to Privacy Engineering
    • ❓What is HGPE?
      • ⚖️Who is this for?
      • 🧙‍♂️Privacy Engineering
      • 🎨Creative Privacy
      • 🔮Generative AI
      • 🧑‍💻About the Author
  • 🧙‍♂️The Ethical AI Governance Playbook 2025 Edition
    • 🤖Chapter 1 : AI Literacy
    • 🌍Chapter 2 : AI Governance in the 21st Century
    • ⌛Chapter 3 - Getting Started with AI Act Compliance
    • 🚀Chapter 4 : Rise of AI Governance: Building Ethical & Compliant AI
    • Chapter 5 : Introduction to the Lifecycle of AI
  • 🎓Privacy Engineering Field Guide Season 1
    • ❓Decoding the Digital World: Exploring Everyday Technology
    • 👁️Introduction: Why Privacy Matters?
      • Age of Mass Surveillance
      • Privacy & Democracy
      • Privacy & Government Surveillance
    • ⚡Chapter 1 : How Computers Work?
      • Electricity
      • Bits
      • Logic Gates
      • Central Processing Unit (CPU)
      • Graphic Processing Unit (GPU)
      • Motherboard
      • Data Storage
      • Databases
      • Operating System (OS)
      • Computer Code
      • Programming Languages
      • The File System
      • Bugs and Errors
      • Computer Virus
      • Internet of Things (IoT)
      • Cloud Computing
    • 🛰️Chapter 2 : How the internet works?
      • Physical Infrastructure
      • Network and Protocols
      • Switch
      • Routers
      • IP Address
      • Domain Name System (DNS)
      • Mac Address
      • TCP / IP
      • OSI Model
      • Packets
      • The Client - Server Architecture
      • Secure Socket Shell (SSH)
      • Transport Layer Security (TLS)
      • Firewall
      • Tunnels and VPNs
      • Proxy Server
    • 🖥️Chapter 3 : How Websites Work?
      • HTML
      • CSS
      • Javascript
      • Web Server
      • Browser
      • HTTP
      • Databases
      • Front End (Client Side)
      • Back End (Server Side)
      • Cookies
      • Local Storage
      • Session Storage
      • IndexedDB
      • XHR Requests
      • Web APIs
      • Webhooks
      • Email Server
      • HTTPS
      • Web Application Firewall
      • Single Sign-on (SS0)
      • OAuth 2.0
      • Pixels
      • Canvas Fingerprinting
      • Email Tracking
      • Containers
      • CI/CD
      • Kubernetes
      • Serverless Architecture
    • ⚛️Chapter 4 : How Quantum Computers Work?
      • Quantum Properties
      • Quantum Bits (Qubits)
      • Decoherence
      • Quantum Circuits
      • Quantum Algorithms
      • Quantum Sensing
      • Post-Quantum Cryptography
    • 📳Chapter 5 : Mobile Apps and Privacy
      • Battery
      • Processor
      • Mobile Operating Systems
      • Mobile Data Storage
      • Cellular Data
      • Mobile Device Sensors
      • Wireless Connectivity
      • Camera & Microphone
      • Mobile Apps
      • Software Development Kits (SDKs)
      • Mobile Device Identifiers
      • Bring Your Own Device (BYOD)
  • 🕵️‍♂️Privacy Engineering Field Guide Season 2
    • ❓Introduction to Privacy Engineering for Non-Techs
      • 🎭Chapter 1 : Digital Identities
        • What is identity?
        • Authentication Flows
        • Authentication vs. Authorization
        • OAuth 2.0
        • OpenID Connect (OIDC)
        • Self Sovereign Identities
        • Decentralized Identifiers
        • eIDAS
      • 👁️‍🗨️Chapter 2 : De-Identification
        • Introduction to De-Identification?
        • Input / Output Privacy
        • De-identification Strategies
        • K-Anonymity
        • Differential Privacy
        • Privacy Threat Modeling
  • 📖HGPE Story and Lore
    • 🪦Chapter 1 : The Prologue
    • ☄️Chapter 2 : Battle for Earth
    • 🦠Chapter 3 : A Nightmare To Remember
    • 🧙‍♂️Chapter 4 : The Academy
    • 🌃Chapter 5: The Approaching Darkness
    • ⚔️Chapter 6 : The Invasion
    • 🏰Chapter 7 : The Fall of the Academy
    • 🛩️Chapter 8 : The Escape
    • 🪐Chapter 9 : The Moon Cave
    • 🦇Chapter 10: Queen of Darkness
  • 📺Videos, Audio Book and Soundtracks
    • 🎧Reading Episodes
    • 🎹Soundtracks
  • 👾HGPE Privacy Games and Challenges
    • 🎮Data Privacy Day'23 / Privacy Treasure Hunt Game
    • 🧩Privacy Quest
  • 📬Subscribe Now!
Powered by GitBook
On this page

Was this helpful?

  1. Privacy Engineering Field Guide Season 2
  2. Introduction to Privacy Engineering for Non-Techs
  3. Chapter 1 : Digital Identities

OpenID Connect (OIDC)

PreviousOAuth 2.0NextSelf Sovereign Identities

Last updated 1 year ago

Was this helpful?

What is OpenID Connect (OIDC)? 👀

While OAuth 2.0 focuses solely on granting access to data, it doesn’t reveal much about the resource owner’s identity.

Enter OpenID Connect (OIDC), a nifty addition that sits atop OAuth 2.0, bringing a wealth of login and profile information about the person who’s logged in.

Think of OIDC as the “badge” it gives to the client about the resource owner—it provides essential details about who you are.

With OIDC, a client can establish a login session and gather information about the resource owner, known as identity. OIDC is often referred to as an identity provider and enables scenarios where a single login can be used for multiple applications.

This is like Single Sign-On (SSO) for social networking services, where users can choose to log in with Twitter or Facebook.

Imagine it as using an ATM. The ATM is the client, wanting access to banking services, and your bank card is the token it uses.

The card includes basic information like your name, expiration date, and issuer. OIDC builds upon the OAuth framework and can’t function without it.

OpenID Connect Flow

The OIDC flow closely resembles OAuth. For instance, the client initiates a request with the authorization server.

OIDC uses a specific scope to let the authorization server know that it’s handling an OIDC exchange.

The authorization server follows similar steps as OAuth, creating an authorization code and sending it back to the client via the resource owner’s browser. But when the client exchanges the authorization code for an access token, it also receives an ID token.

🕵️‍♂️
❓
🎭
My heart raced, echoing in the dimly lit street as I grasped the chilling reality. Elera, the rogue AI, had not only breached my home devices but also rekindled the dormant cybernetics I hadn’t laid eyes on in years. Her audacity was matched only by her technical prowess.
Page cover image