SlideShare a Scribd company logo

OpenID Connect vs. OpenID 1 & 2

Mike Schwartz, profile picture
Mike Schwartz

OpenID Connect introduces key enhancements over OpenID 1 and 2, including easier user authentication with email as the identifier, dynamic client registration, and scalable discovery for any provider. It addresses previous issues such as difficult URI identifiers and lack of support for modern signing techniques. Additionally, OpenID Connect is widely supported by major identity providers and is becoming a standard for social logins.

TechnologyEducation
1 of 10
Downloaded 82 times
1
2
3
4
5
6
7
8
9
10
OpenID Connect vs. OpenID 1 & 2 3 important new features Connect has that OpenID 1 & 2 didn’t.
What is OpenID? ● Open standard for authentication ● Developed by members of OpenID Foundation ● Framework for the communication that must take place between IDP & RP
Problems w/ OpenID 1 & 2 ● URI’s as the identifier were too hard for people to remember ● Not API & Mobile friendly ● No support for robust signing & encryption
Enhancements to Connect 1) Discovery: provides a scalable way for RP’s to allow people to authenticate via any OpenID Connect Provider, not just major IDP’s like Google & Facebook.
Enhancements to Connect 2) Email as the identifier: People never have trouble remembering their email addresses, and email is an intuitive way to think about resource access (i.e. Am I accessing business content? Ok, then I use my business email creds).
Enhancements to Connect 3) Dynamic Client Registration: In order to support the growing number of devices and API’s using the web, Connect allows clients to register dynamically, relieving admins of the time-consuming task of explicitly registering devices and websites.
Why Else is Connect Promising? ● Support from every major identity provider including Google, MSFT, Yahoo & Facebook. ● JSON / REST > XML ● OAuth2 already in use by 85%+ of consumer social logins.
Gluu’s OpenID Connect Server ● oxAuth is the leading OpenID Connect implementation in interop tests. ● 100% open source. ● Currently in production at large organizations.
How to prepare for Connect ● People: Not much. Social login is already ubiquitous on the net. ● Organizations: Launch an OpenID Connect provider and discovery service. ● Developers: Add Connect to your roadmap. Libraries already exist in Java, Python, and other popular platforms.
More Resources ● Open ID Connect website: http: //openid.net/connect/ ● Open Source OX Wiki: http: //ox.gluu.org ● Interop Test Results: http://osis. idcommons.net/wiki/Category: OC5_OP

More Related Content

PDF
Introduction to OpenID Connect
Nat Sakimura
 
PDF
OpenID Connect Explained
Vladimir Dzhuvinov
 
PPTX
Intro to OAuth2 and OpenID Connect
LiamWadman
 
PPTX
OpenID Connect: An Overview
Pat Patterson
 
PDF
OAuth 2.0 and OpenID Connect
Jacob Combs
 
PPT
OAuth 2.0 and OpenId Connect
Saran Doraiswamy
 
PPTX
Blockchain Technology ppt project.pptx
SahilBansal648873
 
PDF
OAuth 2.0
Uwe Friedrichsen
 
Introduction to OpenID Connect
Nat Sakimura
 
OpenID Connect Explained
Vladimir Dzhuvinov
 
Intro to OAuth2 and OpenID Connect
LiamWadman
 
OpenID Connect: An Overview
Pat Patterson
 
OAuth 2.0 and OpenID Connect
Jacob Combs
 
OAuth 2.0 and OpenId Connect
Saran Doraiswamy
 
Blockchain Technology ppt project.pptx
SahilBansal648873
 
OAuth 2.0
Uwe Friedrichsen
 

What's hot (20)

PPTX
An introduction to OAuth 2
Sanjoy Kumar Roy
 
PPTX
Tourists yatra guide (An android application)
Umang Aggarwal
 
PDF
Demystifying OAuth 2.0
Karl McGuinness
 
PPTX
What's an api
Jacques Ledoux
 
PPTX
Secure your app with keycloak
Guy Marom
 
PPTX
Ppt on blockchain technology
RATAN AGARWALA
 
PPTX
module-1.pptx
Raju385766
 
PPTX
An Introduction to OAuth 2
Aaron Parecki
 
PDF
Overview of blockchain technology and architecture
EY
 
PPTX
Mit 2014 introduction to open id connect and o-auth 2
Justin Richer
 
PDF
apidays LIVE Singapore - Next-generation microservice architecture based on A...
apidays
 
PDF
Okta docs
Sam Bauch
 
PPTX
Monetization: Unlock More Value from Your APIs
Apigee | Google Cloud
 
PPTX
BLOCKCHAIN
Nitish sharma
 
PPTX
Anatomy of an Enterprise Integration Architecture
Daniel Toomey
 
PPTX
IBM APIc API security protection mechanism
Shiu-Fun Poon
 
PDF
What the Heck is OAuth and OpenID Connect - DOSUG 2018
Matt Raible
 
PDF
Web 3.0 - A Detailed Guide
101 Blockchains
 
PPTX
Practical API Security - PyCon 2018
Adam Englander
 
PPTX
OpenId Connect Protocol
Michael Furman
 
An introduction to OAuth 2
Sanjoy Kumar Roy
 
Tourists yatra guide (An android application)
Umang Aggarwal
 
Demystifying OAuth 2.0
Karl McGuinness
 
What's an api
Jacques Ledoux
 
Secure your app with keycloak
Guy Marom
 
Ppt on blockchain technology
RATAN AGARWALA
 
module-1.pptx
Raju385766
 
An Introduction to OAuth 2
Aaron Parecki
 
Overview of blockchain technology and architecture
EY
 
Mit 2014 introduction to open id connect and o-auth 2
Justin Richer
 
apidays LIVE Singapore - Next-generation microservice architecture based on A...
apidays
 
Okta docs
Sam Bauch
 
Monetization: Unlock More Value from Your APIs
Apigee | Google Cloud
 
BLOCKCHAIN
Nitish sharma
 
Anatomy of an Enterprise Integration Architecture
Daniel Toomey
 
IBM APIc API security protection mechanism
Shiu-Fun Poon
 
What the Heck is OAuth and OpenID Connect - DOSUG 2018
Matt Raible
 
Web 3.0 - A Detailed Guide
101 Blockchains
 
Practical API Security - PyCon 2018
Adam Englander
 
OpenId Connect Protocol
Michael Furman
 
Ad

Viewers also liked (20)

PPTX
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
 
PPT
Understanding OpenID
Prabath Siriwardena
 
PPTX
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
Brian Campbell
 
PDF
OpenID Authentication by example
Chris Vertonghen
 
PPTX
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
Benjamin Delpy
 
PDF
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
Salesforce Developers
 
PPTX
Golden ticket, pass the ticket mi tm kerberos attacks explained
Peter Swedin
 
PDF
OpenID Bootcamp Tutorial
David Recordon
 
PPTX
Briforum 2011 Chicago
Dan Brinkmann
 
PDF
Cloud Identity: A Recipe for Higher Education
Mike Schwartz
 
PPTX
RSA Europe: Future of Cloud Identity
Mike Schwartz
 
PPTX
DaaS/IaaS Forum Moscow - Ivo Murris
Denis Gundarev
 
PPT
ID Next 2013 Keynote Slides by Mike Schwartz
Mike Schwartz
 
PPTX
RUCUG: 9. Sergey Khalyapin: Представляем XenDesktop 5
Denis Gundarev
 
PDF
Who Are You? From Meat to Electrons - SXSW 2014
Mike Schwartz
 
PPT
Mule security - saml
charan teja R
 
PPTX
BriForum 2013 Chicago - Citrix Troubleshooting - Denis Gundarev
Denis Gundarev
 
PPTX
DaaS/IaaS Forum Moscow - Najat Messaoud
Denis Gundarev
 
PPTX
DaaS/IaaS Forum Moscow - Chris Rogers
Denis Gundarev
 
PPTX
The Tools I Use
Dan Brinkmann
 
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
 
Understanding OpenID
Prabath Siriwardena
 
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
Brian Campbell
 
OpenID Authentication by example
Chris Vertonghen
 
BlueHat 2014 - The Attacker's View of Windows Authentication and Post Exploit...
Benjamin Delpy
 
OpenID Connect: The new standard for connecting to your Customers, Partners, ...
Salesforce Developers
 
Golden ticket, pass the ticket mi tm kerberos attacks explained
Peter Swedin
 
OpenID Bootcamp Tutorial
David Recordon
 
Briforum 2011 Chicago
Dan Brinkmann
 
Cloud Identity: A Recipe for Higher Education
Mike Schwartz
 
RSA Europe: Future of Cloud Identity
Mike Schwartz
 
DaaS/IaaS Forum Moscow - Ivo Murris
Denis Gundarev
 
ID Next 2013 Keynote Slides by Mike Schwartz
Mike Schwartz
 
RUCUG: 9. Sergey Khalyapin: Представляем XenDesktop 5
Denis Gundarev
 
Who Are You? From Meat to Electrons - SXSW 2014
Mike Schwartz
 
Mule security - saml
charan teja R
 
BriForum 2013 Chicago - Citrix Troubleshooting - Denis Gundarev
Denis Gundarev
 
DaaS/IaaS Forum Moscow - Najat Messaoud
Denis Gundarev
 
DaaS/IaaS Forum Moscow - Chris Rogers
Denis Gundarev
 
The Tools I Use
Dan Brinkmann
 
Ad

Similar to OpenID Connect vs. OpenID 1 & 2 (20)

PDF
Improve identity management with open id
Ping Identity
 
PDF
Review on OpenID Authentication Framework
ijsrd.com
 
PDF
Who’s Knocking? Identity for APIs, Web and Mobile
Nordic APIs
 
PDF
CIS13: Taking the Hyperspace Bypass: Controlling User Access to Other Worlds
CloudIDSummit
 
PDF
LemonLDAP::NG - the New Generation WebSSO !, David Coutadeur, Linagora.
OW2
 
PPTX
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
MysoreMuleSoftMeetup
 
PPTX
OpenID Connect
Farasath Ahamed
 
PPTX
Unstoppable Domains Workshop
TinaBregovi
 
PDF
Implementing Microservices Security Patterns & Protocols with Spring
VMware Tanzu
 
PDF
Managing micro services for your company
Justin Lovell
 
PDF
Optimizing your job apply pages with the LinkedIn profile API
Ivo Brett
 
PDF
CIS13: Identity at Scale
CloudIDSummit
 
PDF
Open Banking beyond PSD2 in the EU
OpenID Foundation Japan
 
PPT
OpenID Progress EEMA Conference
evidos
 
PPTX
Achieving Predictable Success in Digital Transformation with the WSO2 Platform
Dilshan Edirisuriya
 
PPTX
Blue Button 2.0
SofiaGaldamez1
 
PDF
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
PDF
Api best practices
Chet Nut
 
PDF
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
Chris Swan
 
PPTX
Identity toolkit
Gbolahan Alli
 
Improve identity management with open id
Ping Identity
 
Review on OpenID Authentication Framework
ijsrd.com
 
Who’s Knocking? Identity for APIs, Web and Mobile
Nordic APIs
 
CIS13: Taking the Hyperspace Bypass: Controlling User Access to Other Worlds
CloudIDSummit
 
LemonLDAP::NG - the New Generation WebSSO !, David Coutadeur, Linagora.
OW2
 
Configuring Single Sign-On (SSO) via Identity Management | MuleSoft Mysore Me...
MysoreMuleSoftMeetup
 
OpenID Connect
Farasath Ahamed
 
Unstoppable Domains Workshop
TinaBregovi
 
Implementing Microservices Security Patterns & Protocols with Spring
VMware Tanzu
 
Managing micro services for your company
Justin Lovell
 
Optimizing your job apply pages with the LinkedIn profile API
Ivo Brett
 
CIS13: Identity at Scale
CloudIDSummit
 
Open Banking beyond PSD2 in the EU
OpenID Foundation Japan
 
OpenID Progress EEMA Conference
evidos
 
Achieving Predictable Success in Digital Transformation with the WSO2 Platform
Dilshan Edirisuriya
 
Blue Button 2.0
SofiaGaldamez1
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2
 
Api best practices
Chet Nut
 
EMFcamp2022 - What if apps logged into you, instead of you logging into apps?
Chris Swan
 
Identity toolkit
Gbolahan Alli
 

More from Mike Schwartz (14)

PPTX
LASCON 2017: SAML v. OpenID v. Oauth
Mike Schwartz
 
PPTX
OTTO - Internet2 TechX 2017
Mike Schwartz
 
PPTX
The Client is not always right! How to secure OAuth authentication from your...
Mike Schwartz
 
PPTX
LASCON: Three Profiels of OAuth2 for Identity and Access Management
Mike Schwartz
 
PPTX
Kantara OTTO slides
Mike Schwartz
 
PPTX
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
Mike Schwartz
 
PPTX
RSA Conference 2016: Who Are You? From Meat to Electrons and Back Again
Mike Schwartz
 
PDF
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Mike Schwartz
 
PDF
OAuth2 for IoT Security: Why OpenID Connect & UMA Are They Key
Mike Schwartz
 
PPTX
Federation registry
Mike Schwartz
 
PPTX
Single Sign On 101
Mike Schwartz
 
PPTX
Requirements for Personal Clouds : Tech Ranch Talk 8/7/13
Mike Schwartz
 
PDF
Gluu EDU Webinar: Shibboleth/SAML SSO
Mike Schwartz
 
PDF
SAML Protocol Overview
Mike Schwartz
 
LASCON 2017: SAML v. OpenID v. Oauth
Mike Schwartz
 
OTTO - Internet2 TechX 2017
Mike Schwartz
 
The Client is not always right! How to secure OAuth authentication from your...
Mike Schwartz
 
LASCON: Three Profiels of OAuth2 for Identity and Access Management
Mike Schwartz
 
Kantara OTTO slides
Mike Schwartz
 
RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!
Mike Schwartz
 
RSA Conference 2016: Who Are You? From Meat to Electrons and Back Again
Mike Schwartz
 
Trust Elevation: Implementing an OAuth2 Infrastructure using OpenID Connect &...
Mike Schwartz
 
OAuth2 for IoT Security: Why OpenID Connect & UMA Are They Key
Mike Schwartz
 
Federation registry
Mike Schwartz
 
Single Sign On 101
Mike Schwartz
 
Requirements for Personal Clouds : Tech Ranch Talk 8/7/13
Mike Schwartz
 
Gluu EDU Webinar: Shibboleth/SAML SSO
Mike Schwartz
 
SAML Protocol Overview
Mike Schwartz
 

Recently uploaded (20)

PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Cloud computing and distributed systems.
kkkkkhan
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Building Integrated photovoltaic BIPV_UPV.pdf
SandeepSingh286037
 
Teaching material agriculture food technology
LiaRayya
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
KodekX | Application Modernization Development
KodekX
 
Encapsulation theory and applications.pdf
gurumoop
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 

OpenID Connect vs. OpenID 1 & 2

  • 1. OpenID Connect vs. OpenID 1 & 2 3 important new features Connect has that OpenID 1 & 2 didn’t.
  • 2. What is OpenID? ● Open standard for authentication ● Developed by members of OpenID Foundation ● Framework for the communication that must take place between IDP & RP
  • 3. Problems w/ OpenID 1 & 2 ● URI’s as the identifier were too hard for people to remember ● Not API & Mobile friendly ● No support for robust signing & encryption
  • 4. Enhancements to Connect 1) Discovery: provides a scalable way for RP’s to allow people to authenticate via any OpenID Connect Provider, not just major IDP’s like Google & Facebook.
  • 5. Enhancements to Connect 2) Email as the identifier: People never have trouble remembering their email addresses, and email is an intuitive way to think about resource access (i.e. Am I accessing business content? Ok, then I use my business email creds).
  • 6. Enhancements to Connect 3) Dynamic Client Registration: In order to support the growing number of devices and API’s using the web, Connect allows clients to register dynamically, relieving admins of the time-consuming task of explicitly registering devices and websites.
  • 7. Why Else is Connect Promising? ● Support from every major identity provider including Google, MSFT, Yahoo & Facebook. ● JSON / REST > XML ● OAuth2 already in use by 85%+ of consumer social logins.
  • 8. Gluu’s OpenID Connect Server ● oxAuth is the leading OpenID Connect implementation in interop tests. ● 100% open source. ● Currently in production at large organizations.
  • 9. How to prepare for Connect ● People: Not much. Social login is already ubiquitous on the net. ● Organizations: Launch an OpenID Connect provider and discovery service. ● Developers: Add Connect to your roadmap. Libraries already exist in Java, Python, and other popular platforms.
  • 10. More Resources ● Open ID Connect website: http: //openid.net/connect/ ● Open Source OX Wiki: http: //ox.gluu.org ● Interop Test Results: http://osis. idcommons.net/wiki/Category: OC5_OP