General - What Is id

What Is id_token

Q

What is id_token used in OpenID Connect protocol?

✍: FYIcenter.com

A

"id_token" is Base64URL encoded string returned from the authentication service provider after the user successfully finishes the authentication process.

"id_token" follows the "RFC 7519 - JWT (JSON Web Token)" to encode authentication information. You should use the following logic to decode the "id_token" value:

Splitting the encoded string into 3 components: Header, Body, and Signature by the dot "." delimiter: headerEncoded.bodyEncoded.signatureEncoded
Get the header in JSON string as headerJSON = base64url_decode(headerEncoded).
Get the body in JSON string as bodyJSON = base64url_decode(bodyEncoded).
Get the signature in JSON string as signatureJSON = base64url_decode(signatureEncoded).
Validate the signature using the algorithm given in the header.
If the signature is good, take the information in the body and continue.

Here is example of an id_token string:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.
eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.
SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

After splitting and Base64URL decoding, we have:

Header =
{
  "alg": "HS256",
  "typ": "JWT"
}

Body = 
{
  "sub": "1234567890",
  "name": "John Doe",
  "iat": 1516239022
}

Signature = 0x
49f94ac7044948c78a285d904f87f0a4c7897f7e8f3a4eb2255fda750b2cc397

The "Body" component in an id_token is also called "Payload", or "Claim" of an authentication.

By the way, Base64URL encoding is same as Base64 encoding except for 2 encoding characters: "_" is used instead of "/", and "-" is used instead of "+". This is to make the encoded string URL safe.

⇒ What Is the Authentication Claim in id_token

⇐ OpenID Connect Authorization Code Flow

⇑ OpenID Connect Authentication Flows

⇑⇑ OpenID Tutorials

2019-01-15, 449👍, 0💬

EPUB 2.0 Metadata - dc:creator and dc:contributor Elements
What is EPUB 2.0 Metadata "dc:creator" and "dc:contributor" elements? EPUB 2.0 Metadata "dc:creator" and "dc:contributor" are optional metadata elements to specify authors and contributors of the EPUB 2.0 book. EPUB 2.0.1 specification adds two attributes, "role" and "file-as", to the "Dublin Core M... 2019-01-26, 1399👍, 0💬

Introduction of EPUB 2.0.1 Specification
Where to find tutorials on introduction of EPUB 2.0.1 Specification? Here is a list of tutorials to answer many frequently asked questions compiled by FYIcenter.com team on introduction of EPUB 2.0.1 Specification. What Is EPUB 2.0.1 Specification Minimum Requirement of EPUB 2.0.1 File Hello-2.0.epu... 2019-01-12, 1372👍, 0💬

OpenID Usage Statistics
How many Web sites/services are using OpenID? According to builtwith.com, there are about 1,250,000 Web sites/services are using OpenID as of August 2018: ⇒ Differences between OpenID and OAuth ⇐ What Is OpenID Connect ⇑ Introduction to OpenID ⇑⇑ OpenID Tutorials 2019-01-20, 568👍, 0💬

What Is OpenID Connect
What Is OpenID Connect? OpenID Connect is a newer version of OpenID. OpenID Connect 1.0 was released in February 2014. OpenID and OpenID Connect releases: Version Release date OpenID Connect 1.0 February 4, 2014 OpenID 2.0 December 5, 2007 OpenID 1.1 May 2006 OpenID 1.0 Here is a picture of OpenID C... 2019-01-20, 561👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.