In the abstract, the OpenID Connect protocol follows these steps:
- The RP (Client) sends a request to the OpenID Provider (OP).
- The OP authenticates the End-User and obtains authorization.
- The OP responds with an ID Token and usually an Access Token.
- The RP can send a request with the Access Token to the UserInfo Endpoint.
- The UserInfo Endpoint returns Claims about the End-User.
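
The five steps above, as an added sketch that is not from the original post or from any OP's own code: a toy in-process OP and RP in Python. It assumes an HS256 ID Token signed with a shared client secret and collapses the OP's redirects into one function call. It also goes beyond the list by showing the checks the RP makes (state, signature, iss, aud, exp, nonce, matching sub). All names and values are constructed.

```python
import base64, hashlib, hmac, json, secrets, time

# Constructed values for this sketch; a real RP gets them from registration with the OP.
ISSUER, CLIENT_ID, SECRET = "https://op.example", "rp-client-1", b"constructed-secret"
ISSUED = {}  # OP-side store: access token -> subject

def b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign(text):
    return b64(hmac.new(SECRET, text.encode(), hashlib.sha256).digest())

def op_respond(request, user="alice"):
    """OP side: End-User assumed authenticated; return ID Token and Access Token."""
    now = int(time.time())
    claims = {"iss": ISSUER, "sub": user, "aud": request["client_id"],
              "iat": now, "exp": now + 300, "nonce": request["nonce"]}
    body = ".".join(b64(json.dumps(p).encode()) for p in ({"alg": "HS256"}, claims))
    access_token = secrets.token_urlsafe(16)
    ISSUED[access_token] = user
    return {"id_token": body + "." + sign(body), "access_token": access_token,
            "state": request["state"]}

def op_userinfo(access_token):
    """UserInfo Endpoint: Claims about the End-User the Access Token was issued for."""
    if access_token not in ISSUED:
        raise PermissionError("unknown access token")
    return {"sub": ISSUED[access_token], "email": ISSUED[access_token] + "@example.com"}

def rp_check_id_token(id_token, nonce):
    """RP side: verify the signature first, then issuer, audience, expiry and nonce."""
    body, _, sig = id_token.rpartition(".")
    if not hmac.compare_digest(sig.encode(), sign(body).encode()):
        raise ValueError("bad ID Token signature")
    payload = body.split(".")[1]
    claims = json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))
    expected = {"iss": ISSUER, "aud": CLIENT_ID, "nonce": nonce}
    if any(claims.get(k) != v for k, v in expected.items()) or claims["exp"] <= time.time():
        raise ValueError("ID Token claims rejected")
    return claims

def rp_login(op=op_respond):
    """RP side: run the five steps and return the End-User's verified Claims."""
    request = {"scope": "openid", "client_id": CLIENT_ID,
               "state": secrets.token_urlsafe(8), "nonce": secrets.token_urlsafe(8)}
    response = op(request)
    if response["state"] != request["state"]:
        raise ValueError("state mismatch")
    id_claims = rp_check_id_token(response["id_token"], request["nonce"])
    userinfo = op_userinfo(response["access_token"])
    if userinfo["sub"] != id_claims["sub"]:  # UserInfo must describe the same subject
        raise ValueError("UserInfo sub does not match ID Token sub")
    return {**id_claims, **userinfo}
```
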
These steps are illustrated in the following diagram:
[…] OpenID Connect AuthN & AuthZ […]
Hi, this diagram is brilliant in its simplicity. One of the funniest categories of image searches you can do is “openid connect diagram” or “shibboleth diagram” and just scroll and scroll. SO MANY. But, I think this is really the winner for clarity. I wonder if you might consent to my snagging this diagram for a talk I’m going to do about OIDC in June? Will give attribution, of course.