
In this video, you will learn about OpenID, which is formally known as OpenID Foundation.
So this group is now known as the OpenID Foundation, and OpenID Connect version 1 is an identity layer on top of open authorization version 2. So this enables clients to verify the identity of an end user based on the authentication performed by an authorization server, as well as allowing the basic profile information about the end user to be provided as well. Typically, with these kinds of services, we’re looking at JSON REST type technologies, where we’re passing structured data via HTTP requests, backwards and forwards. So we have OpenID, again, as we’ve said with the others, is an open standard. It deals with authentication, and because it’s built on open authorization, it also handles the authorization as well.
So this supports additional values that allow the authentication to take place. And as at 2018, we have one billion plus enabled accounts. Sorry, 2016, one billion plus enabled accounts. So OpenID Connect is currently in version 3, as of 2014, and the components we have within OpenID Connect include the relying party, which is the application, the user, we then have the IDP, which is the OpenID provider, shortened to the OP, we have the uniform resource identifier, the URI, which is kind of like our URL, this is the link to the service, and JSON REST, so we’re using those JSON REST requests. Let’s take a look then at the OpenID process.
It is similar to the SAML and also to open authorization, but again, it is subtly different. This is closest to open authorization. So it’s slightly closer to open authorization than SAML. So we have the user who opens the app, and the app here is the relying party, it is relying on other parties for the service. The relying party passes the request to the OpenID provider. The user completes the log on and the OP redirects the user back to the relying party, with a one-time code. The relying party then sends that one-time code to the token endpoint, and the token endpoint grants an access token back to the relying party.
So the relying party then sends the request for additional details, such as profile information, your profile picture, your email address, back to the user information endpoint, and the user information endpoint sends back the user information profile.
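The flow described in the video, as an added example that is not part of the original course material: a relying party and an in-memory stand-in for the OpenID provider walk through the redirect, the one-time code, the token endpoint and the user information endpoint. The class names, the `op.example` and `rp.example` URLs and the client ID are hypothetical, and the `state` check and single-use code enforcement are the controls a relying party and provider are expected to apply at those steps. A real provider also returns a signed ID token from the token endpoint, which this sketch leaves out.

```python
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

class ToyProvider:
    """In-memory stand-in for the OpenID provider (OP); no network, no real crypto."""
    def __init__(self, users):
        self.users, self.codes, self.tokens = users, {}, {}

    def authorize(self, auth_url, username):
        # The user completes the logon at the OP; the OP redirects back with a one-time code.
        q = parse_qs(urlparse(auth_url).query)
        code = secrets.token_urlsafe(16)
        self.codes[code] = (q["client_id"][0], q["redirect_uri"][0], username)
        return q["redirect_uri"][0] + "?" + urlencode({"code": code, "state": q["state"][0]})

    def token(self, code, client_id, redirect_uri):
        # pop() makes the code single-use: a replayed or mismatched code is rejected.
        issued = self.codes.pop(code, None)
        if issued is None or issued[:2] != (client_id, redirect_uri):
            raise PermissionError("invalid or reused code")
        access_token = secrets.token_urlsafe(16)
        self.tokens[access_token] = issued[2]
        return access_token

    def userinfo(self, access_token):
        if access_token not in self.tokens:
            raise PermissionError("unknown access token")
        return self.users[self.tokens[access_token]]

class RelyingParty:
    def __init__(self, op, client_id, redirect_uri):
        self.op, self.client_id, self.redirect_uri = op, client_id, redirect_uri
        self.pending = set()  # state values issued but not yet returned

    def start_login(self):
        state = secrets.token_urlsafe(16)  # ties the later callback to this login attempt
        self.pending.add(state)
        return "https://op.example/authorize?" + urlencode({
            "response_type": "code", "scope": "openid profile email",
            "client_id": self.client_id, "redirect_uri": self.redirect_uri, "state": state})

    def handle_callback(self, callback_url):
        q = parse_qs(urlparse(callback_url).query)
        state = q.get("state", [""])[0]
        if state not in self.pending:
            raise PermissionError("state mismatch")  # callback we never initiated
        self.pending.discard(state)
        access_token = self.op.token(q["code"][0], self.client_id, self.redirect_uri)
        return self.op.userinfo(access_token)
```
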

In this video, you will learn about OpenID, which is formally known as OpenID Foundation. You will learn what OpenID does, how it is used, and the processes that occur when using it.

OpenID is an open standard authentication protocol that can also handle authorization. It is currently in version 3 (since 2014) and specifies components that include:

  • relying parties (RP) – the application
  • the user
  • OpenID provider (IdP)
  • Uniform Resource Identifier (URI)

Reflect and share: Now that you have learned about some specialized technology used in the IdAM context, you know there are various options to choose from, which will largely depend on your context and its resources. If you are using any of these technologies mentioned so far, what are some of the benefits and challenges you have experienced? If you are not using any of these, which would you want to select and why?

This article is from the free online course Cyber Security Foundations: Reinforcing Identity and Access Management, created by FutureLearn - Learning For Life.