You can use access tokens to access resources that are secured by an authorization server. It introduces the concept of an ID token, which allows the client to verify the identity of the user and obtain basic profile information about the user.īecause it extends OAuth 2.0, it also enables applications to securely acquire access tokens. This authentication protocol allows you to perform single sign-on.
OpenID Connect extends the OAuth 2.0 authorization protocol for use as an authentication protocol. For more information, see Overview of the Microsoft Authentication Library (MSAL), and Microsoft Identity Web authentication library. We recommend exploring those options, rather than implementing your own code. Most of the open-source authentication libraries acquire and validate the JWT tokens for your application.
0 kommentar(er)
