Components Involved in OpenID Connect Authentication

Q

What are the components involved in OpenID Connect authentication flows?

✍: FYIcenter.com

A

There are 4 components involved in a typical OpenID Connect authentication flow:

1. OpenID Provider (OP) - The OpenID Connect authentication service provider, which provides services to authenticate the end user. For example, Microsoft Azure Active Directory.

2. Relying Party (RP) - Your application server, which relies on the OP to let the end user access your application.

3. User Agent (UA) - The Web browser or your client program running on the end user's device. The User Agent is used by the end user to access your application and interact with the OpenID Provider.

4. End User (EU) - The end user who wants to access your application using his/her identity managed by the OpenID Provider.

Below is a diagram that shows you how these 4 components are related to each other:

               +--------+     +----------+
               |        |     |          |
               |        | --> | Relying  |
               |        | <-- |  Party   |
+--------+     |        |     |          |
|        |     |        |     +----------+
|  End   | --> |  User  |         ^ |
|  User  | <-- |  Agent |         | v
|        |     |        |     +----------+
+--------+     |        |     |          |
               |        | --> | OpenID   |
               |        | <-- | Provider |
               |        |     |          |
               +--------+     +----------+
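
The RP-to-UA-to-OP arrows in the diagram, sketched as an added example (not code from the original page), using the authorization code flow as one instance. The endpoint URL, client ID, redirect URI and function names are assumptions made for illustration; the request parameters are the standard OpenID Connect ones.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Assumed values for illustration only; none of them come from the page.
OP_AUTHORIZATION_ENDPOINT = "https://op.example/authorize"
CLIENT_ID = "rp-client-id"
REDIRECT_URI = "https://rp.example/callback"


def rp_start_login(session):
    """RP -> UA: build the redirect that sends the User Agent to the OP."""
    session["state"] = secrets.token_urlsafe(32)  # binds the callback to this UA session
    session["nonce"] = secrets.token_urlsafe(32)  # compared later with the ID Token nonce claim
    query = urlencode({
        "response_type": "code",
        "scope": "openid",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": session["state"],
        "nonce": session["nonce"],
    })
    return f"{OP_AUTHORIZATION_ENDPOINT}?{query}"


def rp_handle_callback(session, callback_url):
    """UA -> RP: accept the OP's response only if it matches this session."""
    params = parse_qs(urlparse(callback_url).query)
    expected = session.pop("state", None)  # single use: a replayed callback fails
    received = params.get("state", [""])[0]
    if expected is None or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: response is not bound to this session")
    if "error" in params:
        raise ValueError(f"OP returned error: {params['error'][0]}")
    code = params.get("code", [None])[0]
    if not code:
        raise ValueError("missing authorization code")
    # Next step is RP -> OP directly (the vertical arrows in the diagram):
    # the code is exchanged for tokens without passing through the User Agent.
    return code
```

The `state` check is what ties the OP's response, carried by the User Agent, back to the session in which the RP started the login.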

 


2021-08-11