Build an OIDC enabled app
The first step to enable your app to authenticate via OpenId Connect is to select a flow that suits your business needs and a sample app that acts as a guide.
- Authentication Flow
- Implicit Flow
- Password Grant Flow
OpenID Connect is a well-documented specification, we recommend you consult the following resources to assist you with this process.
Have a Question?
Have a how-to question? Seeing a weird error? Ask us about it on StackOverflow.
Found a bug? Submit a support ticket.
Have a product idea or request? Share it with us in our Ideas Portal.
StackOverflow discussions about "openid-connect"
Asked Nov 15 2015
There is a lot of information on the web about using JWT (Json Web Token) for authentication. But I still didn't find a clear explanation of what the flow should be when using JWT tokens for a...
Asked Feb 08 2017
I'm trying to understand the proper way to do authentication in ASP.NET Core. I've looked at several Resource (Most of which are out dated). ...
Asked Sep 05 2014
In OpenID Connect an access token has an expiry time. For authorization code flow, this is typically short (eg 20 minutes) after which you use the refresh token to request a new access token.The...
Q: Difference between OAuth 2.0 "state" and OpenID "nonce" parameter? Why state could not be reused?Asked Oct 20 2017
OAuth 2.0 defines "state" parameter to be sent in request by client to prevent cross-site request attacks. Same is mentioned in OpenID spec for "nonce". Apart from the fact that "nonce" is...
Asked Apr 16 2015
IdentityServer supports different OpenId Connect flows that are defined in the Flows enum and set for clients. There's also samples for each type of flow and many references to them in the docs...