OpenID Connect Simple Sequence Diagram

The OpenID Connect protocol, in abstract, follows the following steps.

  1. The RP (Client) sends a request to the OpenID Provider (OP).
  2. The OP authenticates the End-User and obtains authorization.
  3. The OP responds with an ID Token and usually an Access Token.
  4. The RP can send a request with the Access Token to the UserInfo Endpoint.
  5. The UserInfo Endpoint returns Claims about the End-User.

These steps are illustrated in the following diagram:

OpenID Connect Sequence Diagram

OpenID Connect & SAML nomenclature

2 thoughts on “OpenID Connect Simple Sequence Diagram”

  1. Hi, this diagram is brilliant in its simplicity. One of the funniest categories of image searches you can do is “openid connect diagram” or “shibboleth diagram” and just scroll and scroll. SO MANY. But, I think this is really the winner for clarity. I wonder if you might consent to my snagging this diagram for a talk I’m going to do about OIDC in June? Will give attribution, of course.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s