OpenID Connect Provider (OP)

The Janssen Authentication Server is a fully certified OpenID Provider (OP) that supports the following OpenID Connect specifications:

• Core (spec)
• Dynamic Client Registration (spec)
• Discovery (spec)
• Form Post Response Mode (spec)
• Session Management (spec)
• Front Channel Logout (draft)

Protocol Overview

OpenID Connect is an identity layer that profiles OAuth 2.0 to define a sign-in flow for applications (clients) to authenticate a person and obtain authorization to gather information (or "claims") about that person. For more information, see OpenID Connect

It's handy to know some OpenID Connect terminology:

• The end user or subject is the person being authenticated.

• The OpenID Provider (OP) is the equivalent of a SAML Identity Provider (IDP). It holds end user credentials (like a username/ password) and personally identifiable information. During a single sign-on (SSO) login flow, end users are redirected to the OP for authentication.

• The Relying Party or RP or client is software, like a mobile application or website, which needs to authenticate the subject. The RP is an OAuth client.

---

Last update: 2023-04-03
Created: 2022-09-02