What Is id

What Is id_token

Q

What is id_token used in OpenID Connect protocol?

✍: FYIcenter.com

A

"id_token" is Base64URL encoded string returned from the authentication service provider after the user successfully finishes the authentication process.

"id_token" follows the "RFC 7519 - JWT (JSON Web Token)" to encode authentication information. You should use the following logic to decode the "id_token" value:

Splitting the encoded string into 3 components: Header, Body, and Signature by the dot "." delimiter: headerEncoded.bodyEncoded.signatureEncoded
Get the header in JSON string as headerJSON = base64url_decode(headerEncoded).
Get the body in JSON string as bodyJSON = base64url_decode(bodyEncoded).
Get the signature in JSON string as signatureJSON = base64url_decode(signatureEncoded).
Validate the signature using the algorithm given in the header.
If the signature is good, take the information in the body and continue.

Here is example of an id_token string:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.
eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.
SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

After splitting and Base64URL decoding, we have:

Header =
{
  "alg": "HS256",
  "typ": "JWT"
}

Body = 
{
  "sub": "1234567890",
  "name": "John Doe",
  "iat": 1516239022
}

Signature = 0x
49f94ac7044948c78a285d904f87f0a4c7897f7e8f3a4eb2255fda750b2cc397

The "Body" component in an id_token is also called "Payload", or "Claim" of an authentication.

By the way, Base64URL encoding is same as Base64 encoding except for 2 encoding characters: "_" is used instead of "/", and "-" is used instead of "+". This is to make the encoded string URL safe.

⇒ What Is the Authentication Claim in id_token

⇐ OpenID Connect Authorization Code Flow

⇑ OpenID Connect Authentication Flows

⇑⇑ OpenID Tutorials

2022-05-31, 1024👍, 0💬

OpenID Usage Statistics
How many Web sites/services are using OpenID? According to builtwith.com, there are about 1,250,000 Web sites/services are using OpenID as of August 2018: OpenID Usage Statistics ⇒ Differences between OpenID and OAuth ⇐ What Is OpenID Connect ⇑ Introduction to OpenID ⇑⇑ OpenID Tutorials 2019-01-20, 1220👍, 0💬

OpenID Connect Authentication Flows
Where to find tutorials on OpenID Connect Authentication Flows. Here is a list of tutorials to answer many frequently asked questions compiled by FYIcenter.com team on OpenID Connect Authentication Flows. Components Involved in OpenID Connect Authentication What Are Authentication Flows OpenID Conne... 2019-01-20, 1110👍, 0💬

Integration with Azure Active Directory
Where to find tutorials on Integration with Azure Active Directory. Here is a list of tutorials to answer many frequently asked questions compiled by FYIcenter.com team on Integration with Azure Active Directory. What Is Azure Active Directory Azure AD, B2B and B2C Get Application ID from Azure AD A... 2021-06-20, 1101👍, 0💬

Azure AD, B2B and B2C
What are differences between Azure AD, B2B and B2C? Azure AD actually offers 3 different services: Azure AD - Provide authentication services to users in your own organization. Azure AD B2B - Provide authentication services to users in your own organizations and your external partner organizations. ... 2021-06-20, 1050👍, 0💬

What Are Authentication Flows
What are authentication flows specified in OpenID Connect? OpenID Connect supports 3 authentication data flows: 1. Authorization Code Flow - The Authorization Code Flow is more complex to implement. But it is more secure. In the Authorization Code Flow, only a short authorization code is returned to... 2021-08-11, 1047👍, 0💬

What Is id_token
What is id_token used in OpenID Connect protocol? "id_token" is Base64URL encoded string returned from the authentication service provider after the user successfully finishes the authentication process. "id_token" follows the "RFC 7519 - JWT (JSON Web Token)" to encode authentication information. Y... 2022-05-31, 1025👍, 0💬

OpenID Connect Authorization Code Flow
What is the authentication code flow specified in OpenID Connect? The Authorization Code Flow is most secure authentication flow specified in OpenID Connect. Here are the steps of the Authorization Code flow given in the OpenID Connect 1.0 specification: Rely Party prepares an authentication request... 2021-08-11, 1011👍, 0💬

Components Involved in OpenID Connect Authentication
What are components involved in OpenID Connect authentication flows? There are 4 components involved in a typical OpenID Connect authentication flow: 1. OpenID Provider (OP) - The OpenID Connect authentication service provider, who provides services to authenticate the end user. For example, Microso... 2021-08-11, 988👍, 0💬

What Is the Authentication Claim in id_token
What is the authentication claim in an id_token? The authentication claim is the information carried in the id_token body component. OpenID Connect 1.0 specification defines the following primary properties on the authentication claim: "iss" - Required. Identifies the "Issuer" of this authentication... 2022-05-31, 966👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.