OIDC

Introduction I’m currently building an Identity Server at my company, and it needs to support not only the OAuth2 protocol, but also OpenID Connect (OIDC), so it can integrate smoothly with other applications. When I first started learning about OIDC, I was quite confused. At first, OAuth2 and OIDC looked very similar to me. They both involve authorization servers, clients, tokens, redirects, scopes, and many familiar endpoints. But after reading more specifications and implementing the protocol step by step, I realized the key difference:...