SlideShare a Scribd company logo

Introduction to OpenID Connect

Nat Sakimura
Nat Sakimura

This document summarizes a presentation about OpenID Connect. OpenID Connect is an identity layer on top of the OAuth 2.0 protocol that allows clients to verify the identity of the user based on the authentication performed by an authorization server, as well as to obtain basic profile information about the user. It defines core functionality for modern identity frameworks by standardizing how clients and servers discover and use identity data exposed by identity providers and how clients can verify that identity data. The presenter discusses how OpenID Connect provides a simple yet powerful way to authenticate users and share attributes about them between websites and applications in an interoperable manner.

1 of 86
Downloaded 727 times
1
Connect OpenID OpenID Connect Nat Sakimura Chairman Senior Researcher C6b. New School Identity Frameworks Panel Foundation
2
Connect OpenID OAuth 2.0 Identity Layer on top of Base Protocol
3
Connect OpenID Q Identity
4
Connect OpenID Identity = set of attributes related to an entity [iso 29115]
5
Connect OpenID Entity Identity
6
Connect OpenID Entity Human Machine Service
7
Connect OpenID No direct way to perceive Human
8
Connect OpenID Blond/grey Silver frame glasses 6’5” tall
9
Connect OpenID Entity Identity Identity Sex Mail height Boy Friend Sex height Real Name Self Recognition Delta between Self and 3rd Party Recognition = interpersonal problem Delta between Self and 3rd Party Recognition= interpersonal problem Role Relatio nship 3rd Party Recognition Relationship Friends Boss Self Recognition 3rd Party Recognition Street Address Nickname Birthday Street Address Employee number licnese performance
10
Connect OpenID Man Identity Identity Identity
11
Connect OpenID Man Work Husband Father
12
Connect OpenID daughter mother wife girl friend collea- gue boss community member friend Woman
13
Connect OpenID YOU Identity A Identity B Identity C Site A Site B Site C
14
Connect OpenID Q Why not just OAuth?
15
Connect OpenID OAuth is an Access Granting Protocol Betty’s Profile Alice Cindy Cindy ≠ Betty Alice ≠ Betty
16
Connect OpenID Facebook extends OAuth with “signed request” “ID Token” in OpenID Connect
17
Connect OpenID Token Swap Attack
18
Connect OpenID Login with Amazon
19
Connect OpenID http://blog.chromium.org/2013/07/richer- access-to-google-services-and.html?m=1
20
Connect OpenID Signed Request ‱  Works only with a single identity provider ‱  Proprietary signature format ID Token ‱  Works with multiple identity providers ‱  IETF JSON Web Signature
21
Connect OpenID ID Token Claims Example { "iss": "https://server.example.com", "sub": "248289761001", "aud": "0acf77d4-b486-4c99-bd76-074ed6a64ddf", "iat": 1311280970, "exp": 1311281970, "nonce": "n-0S6_WzA2Mj" }
22
Connect OpenID Stick with OpenID Connect and not “OAuth Authentication”
23
Connect OpenID An Identity Layer provides: ‱  is the user that got authenticated Who ‱  was he authenticated Where ‱  was he authenticated When ‱  was he authenticated How ‱  attributes he can give you What ‱  he is providing them Why
24
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
25
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
26
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
27
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
28
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
29
Connect OpenID Interoperable ‱  openid, profile, email, address, phone Standard scopes ‱  Request object and claims Method to ask for more granular claims ‱  Info about the authenticated user ID Token ‱  Get attributes about the user ‱  Translate the tokens UserInfo endpoint
Most read
30
Connect OpenID Simple & Mobile Friendly JSON Based REST Friendly In simplest cases, just copy and paste Mobile & App Friendly e.g., ID Token is signed JSON { "iss": "https://client.example.com", ”sub": "24400320", "aud": "s6BhdRkqt3", "nonce": "n-0S6_WzA2Mj", "exp": 1311281970, "iat": 1311280970, "auth_time": 1311280969, "acr": "2", "at_hash": "MTIzNDU2Nzg5MDEyMzQ1Ng" }
31
Connect OpenID Secure ‱  ISO/IEC 29115 Entity Authentication Assurance ‱  Choice of crypto LoA1 LoA2 LoA3 LoA4
32
Connect OpenID Flexible ‱  Through Request Object (JSON) ‱  Data Minimization Granular Request ‱  Does not disclose data recipients to data sources Aggregated Claims ‱  Decentralized Data Storage Distributed Claims
33
Connect OpenID Choice of your provider Can be Google, eBay, AOL, Deutsche Telecom etc. Can be your Phone => Self-Issued Provider
34
Connect OpenID Details
35
Connect OpenID Name: Alice de Wonderland Mail: alice@example.com Notary: Google. Official Google Seal æ ȘćŒäŒš ç€Ÿă‚°ăƒŒ ă‚°ăƒ«ć° Name: Alice de Wonderland Mail: alice@example.com Notary: Google. SAML Authentication 1.  Who are you. Get me a referral letter. Do not forget about Your email! 2. Plz write me a referral letter。 3. Here you are Alice 4. Here is the certificate. notary Eve Official Google Seal
36
Connect OpenID 1.  Who are YOU? Give me a valet key to your house. Then I will trust that you are the owner of the house. 2. Can you give me a valet key to my house? 3. Here you are! Alice 4. Her is the key! Pseudo-Authentication using OAuth Apartment Controller Eve
Most read
37
Connect OpenID OpenID Connect Authentication 1.  Who are you. Get me a referral letter. Do not forget about Your email! 2. Give Eve the locker Key and a referral letter. 3. Here you are! Alice 4. Here you are Date2011/5/15 11:00:04 Level of Assurance2 VerifierGoogle Official Google Seal Butler Locker Locker Eve Date2011/5/15 11:00:04 Level of Assurance2 VerifierGoogle Official Google Seal
Most read
38
Connect OpenID OpenID Connect's Clams aggregation and distributed claims. Name: Alice de Wanderland DoB: 1989/3/3 Sex: F Address: 135 Broadway., NY, NY NY City Official Seal Locker UserInfo Endpoint Site X Site Y Site Z Eve
39
Connect OpenID Applying it to Enterprise model
40
Connect OpenID Entity Identity Identity Sex Mail height Boy Friend Sex height Real Name Self Recognition Delta between Self and 3rd Party Recognition = interpersonal problem Delta between Self and 3rd Party Recognition= interpersonal problem Role Relatio nship 3rd Party Recognition Relationship Friends Boss Self Recognition 3rd Party Recognition Street Address Nickname Birthday Street Address Employee number licnese performance
41
Connect OpenID Real Name Professional qualification department Geo-location Employee number Entity Identity Resource Authentication Policy Enforcement Rules
42
Connect OpenID ABAC (Attribute Based Access Control) Based on SP800-162 figure on page viii identity Resource Rules
43
Connect OpenID Real Name Professional qualification department Geo-location Employee number Entity Identity Resource Authentication PEP PDP PAP Boss Metadata Log Log
44
Connect OpenID Q What kind of “Identity” (set of attributes) an enterprise needs?
45
Connect OpenID Current Standard Claims wont do
46
Connect OpenID UserInfo Claims ‱  sub ‱  name ‱  given_name ‱  family_name ‱  middle_name ‱  nickname ‱  preferred_username ‱  profile ‱  picture ‱  website ‱  gender ‱  birthdate ‱  locale ‱  zoneinfo ‱  updated_at ‱  email ‱  email_verified ‱  phone_number ‱  phone_number_verified ‱  address
47
Connect OpenID UserInfo Claims Example { "sub": "248289761001", "name": "Jane Doe", "given_name": "Jane", "family_name": "Doe", "email": "janedoe@example.com", "email_verified": true, "picture": "http://example.com/janedoe/me.jpg" }
48
Connect OpenID Perhaps we need standard “enterprise” claims
49
Connect OpenID SCIM?
50
Connect OpenID SCIM Enterprise User Schema Extension ‱  employeeNumber –  Numeric or alphanumeric identifier assigned to a person, typically based on order of hire or association with an organization. ‱  costCenter –  Identifies the name of a cost center. organization Identifies the name of an organization. ‱  division –  Identifies the name of a division. ‱  department –  Identifies the name of a department. ‱  manager –  The User's manager. A complex type that optionally allows Service Providers to represent organizational hierarchy by referencing the
51
Connect OpenID Not Quite.
52
Connect OpenID Perhaps we need standard “enterprise” claims
53
Connect OpenID Q When shall I start using OpenID Connect?
54
Connect OpenID Timeline 2nd Implementers Draft Public Review (45 days) 2nd Implementers Draft Vote (14 days) Final Review (60 days) Final We are here! December 2013
55
Connect OpenID Q uestions?
56
Connect OpenID OAuth and OpenID Connect: In the Trenches Wednesday, July 10, 4:00 – 5:30 PM Salon C/D/E to be continued at 

57
Connect OpenID Details 

58
Connect OpenID Working Together OpenID Connect
59
Connect OpenID Working Group Members ‱  Key working group participants: –  Nat Sakimura – Nomura Research Institute – Japan –  John Bradley – Ping Identity – Chile –  Breno de Medeiros – Google – US –  Axel Nennker – Deutsche Telekom – Germany –  Torsten Lodderstedt – Deutsche Telekom – Germany –  Roland Hedberg – UmeĂ„ University – Sweden –  Andreas Åkre Solberg – UNINETT – Norway –  Chuck Mortimore – Salesforce – US –  Brian Campbell – Ping Identity – US –  George Fletcher – AOL – US –  Justin Richer – Mitre – US –  Nov Matake – Independent – Japan –  Mike Jones – Microsoft – US ‱  By no means an exhaustive list!
60
Connect OpenID Design Philosophy Simple Things Simple Complex Things Possible
61
Connect OpenID Simple Things Simple UserInfo endpoint for simple claims about user Designed to work well on mobile phones
62
Connect OpenID How We Make It Simple ‱  Build on OAuth 2.0 ‱  Use JavaScript Object Notation (JSON) ‱  Build only the pieces that you need ‱  Goal: Easy implementation on all modern development platforms
63
Connect OpenID Complex Things Possible Encrypted Claims Aggregated Claims Distributed Claims
64
Connect OpenID A Look Under the Covers ‱  ID Token ‱  Claims Requests ‱  UserInfo Claims ‱  Example Protocol Messages
65
Connect OpenID OpenID Connect Authentication 1.  Who are you. Get me a referral letter. Do not forget about Your email! 2. Give Eve the locker Key and a referral letter. 3. Here you are! Alice 4. Here you are Date2011/5/15 11:00:04 Level of Assurance2 VerifierGoogle Official Google Seal Butler Locker Locker Bob Date2011/5/15 11:00:04 Level of Assurance2 VerifierGoogle Official Google Seal Access Token ID Token
66
Connect OpenID ID Token ‱  JWT representing logged-in session ‱  Claims: –  iss – Issuer –  sub – Identifier for subject (user) –  aud – Audience for ID Token –  iat – Time token was issued –  exp – Expiration time –  nonce – Mitigates replay attacks –  at_hash – Left hash of the access token –  azp – Authorized Party
67
Connect OpenID ID Token Claims Example { "iss": "https://server.example.com", "sub": "alice", "aud": "https://bob.example.com", "iat": 1311280970, "exp": 1311281970, "nonce": "n-0S6_WzA2Mj", "at_hash": "MTIzNDU2Nzg5MDEyMzQ1Ng", "azp": "https://cindy.example.com/" }
68
Connect OpenID at_hash makes ID Token a detached signature for the access token
69
Connect OpenID azp allows token to be used by another party Site X Cindy Bob ID Token Access Token
70
Connect OpenID Using Access Token only for Authentication is Dangerous. 1.  Who are you. Get me a referral letter. Do not forget about Your email! 2. Give Eve the locker Key and a referral letter. 3. Here you are! Alice 4. Here you are Butler Access Token Eve
71
Connect OpenID OpenID Connect's Clams aggregation and distributed claims. Name: Alice de Wanderland DoB: 1989/3/3 Sex: F Address: 135 Broadway., NY, NY NY City Official Seal Locker UserInfo Endpoint Site X Site Y Site Z Bob
72
Connect OpenID Aggregated Claims Data Source Data Source Identity Provider Relying Party Signed Claims Claim Values
73
Connect OpenID Distributed Claims Identity Provider Signed Claims Relying Party Claim Refs Data Source Data Source
74
Connect OpenID Claims Requests ‱  Basic requests made using OAuth scopes: –  openid – Declares request is for OpenID Connect –  profile – Requests default profile info –  email – Requests email address & verification status –  address – Requests postal address –  phone – Requests phone number & verification status –  offline_access – Requests Refresh Token issuance ‱  Requests for individual claims can be made using JSON “claims” request parameter
75
Connect OpenID Request Object
76
Connect OpenID You can register it at registration time : request_uri Personally Recommended
77
Connect OpenID Authorization Request Example https://server.example.com/authorize ?response_type=token%20id_token &client_id=0acf77d4-b486-4c99-bd76-074ed6a64ddf &redirect_uri=https%3A%2F%2Fclient.example.com%2Fcb &scope=openid%20profile &state=af0ifjsldkj &nonce=n-0S6_WzA2Mj
78
Connect OpenID Authorization Response Example HTTP/1.1 302 Found Location: https://client.example.com/cb #access_token=mF_9.B5f-4.1JqM &token_type=bearer &id_token=eyJhbGzI1NiJ9.eyJz9Glnw9J.F9-V4IvQ0Z &expires_in=3600 &state=af0ifjsldkj
79
Connect OpenID UserInfo Request Example GET /userinfo?schema=openid HTTP/1.1 Host: server.example.com Authorization: Bearer mF_9.B5f-4.1JqM
80
Connect OpenID Connect Specs Overview
81
Connect OpenID Resources ‱  OpenID Connect –  http://openid.net/connect/ ‱  OpenID Connect Working Group Mailing List –  http://lists.openid.net/mailman/listinfo/openid-specs-ab ‱  OpenID Connect Interop Wiki –  http://osis.idcommons.net/ ‱  OpenID Connect Interop Mailing List –  http://groups.google.com/group/openid-connect-interop ‱  Mike Jones’ Blog –  http://self-issued.info/ ‱  Nat Sakimura’s Blog –  http://nat.sakimura.org/ ‱  John Bradley’s Blog –  http://www.thread-safe.com/
82
Connect OpenID Current Status ‱  Waiting for dependencies to be completed ‱  JWS, JWE, JWA, JWK IETF JOSE WG ‱  JSON Web Token (JWT) IETF OAuth WG ‱  WebFinger IETF Apps WG
83
Connect OpenID Interop testing underway AOL, Google, IBM, Layer 7, Mitre, NRI, @nov, Orange, eBay, Gluu, Ping Identity, GÉANT, @ritou, Emmanuel Raviart 120+ feature tests 14 implementations
84
Connect OpenID Start Building
85
Connect OpenID Start Building Now!
86
Connect OpenID http://nat.sakimura.org/
Connect OpenID OpenID Connect Nat Sakimura Chairman Senior Researcher C6b. New School Identity Frameworks Panel Foundation
Connect OpenID OAuth 2.0 Identity Layer on top of Base Protocol
Connect OpenID Q Identity
Connect OpenID Identity = set of attributes related to an entity [iso 29115]
Connect OpenID Entity Identity
Connect OpenID Entity Human Machine Service
Connect OpenID No direct way to perceive Human
Connect OpenID Blond/grey Silver frame glasses 6’5” tall
Connect OpenID Entity Identity Identity Sex Mail height Boy Friend Sex height Real Name Self Recognition Delta between Self and 3rd Party Recognition = interpersonal problem Delta between Self and 3rd Party Recognition= interpersonal problem Role Relatio nship 3rd Party Recognition Relationship Friends Boss Self Recognition 3rd Party Recognition Street Address Nickname Birthday Street Address Employee number licnese performance
Connect OpenID Man Identity Identity Identity
Connect OpenID Man Work Husband Father
Connect OpenID daughter mother wife girl friend collea- gue boss community member friend Woman
Connect OpenID YOU Identity A Identity B Identity C Site A Site B Site C
Connect OpenID Q Why not just OAuth?
Connect OpenID OAuth is an Access Granting Protocol Betty’s Profile Alice Cindy Cindy ≠ Betty Alice ≠ Betty
Connect OpenID Facebook extends OAuth with “signed request” “ID Token” in OpenID Connect
Connect OpenID Token Swap Attack
Connect OpenID Login with Amazon
Connect OpenID http://blog.chromium.org/2013/07/richer- access-to-google-services-and.html?m=1
Connect OpenID Signed Request ‱  Works only with a single identity provider ‱  Proprietary signature format ID Token ‱  Works with multiple identity providers ‱  IETF JSON Web Signature
Connect OpenID ID Token Claims Example { "iss": "https://server.example.com", "sub": "248289761001", "aud": "0acf77d4-b486-4c99-bd76-074ed6a64ddf", "iat": 1311280970, "exp": 1311281970, "nonce": "n-0S6_WzA2Mj" }
Connect OpenID Stick with OpenID Connect and not “OAuth Authentication”
Connect OpenID An Identity Layer provides: ‱  is the user that got authenticated Who ‱  was he authenticated Where ‱  was he authenticated When ‱  was he authenticated How ‱  attributes he can give you What ‱  he is providing them Why
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
Connect OpenID Interoperable Simple & Mobile Friendly Secure Flexible
Connect OpenID Interoperable ‱  openid, profile, email, address, phone Standard scopes ‱  Request object and claims Method to ask for more granular claims ‱  Info about the authenticated user ID Token ‱  Get attributes about the user ‱  Translate the tokens UserInfo endpoint
Connect OpenID Simple & Mobile Friendly JSON Based REST Friendly In simplest cases, just copy and paste Mobile & App Friendly e.g., ID Token is signed JSON { "iss": "https://client.example.com", ”sub": "24400320", "aud": "s6BhdRkqt3", "nonce": "n-0S6_WzA2Mj", "exp": 1311281970, "iat": 1311280970, "auth_time": 1311280969, "acr": "2", "at_hash": "MTIzNDU2Nzg5MDEyMzQ1Ng" }
Connect OpenID Secure ‱  ISO/IEC 29115 Entity Authentication Assurance ‱  Choice of crypto LoA1 LoA2 LoA3 LoA4
Connect OpenID Flexible ‱  Through Request Object (JSON) ‱  Data Minimization Granular Request ‱  Does not disclose data recipients to data sources Aggregated Claims ‱  Decentralized Data Storage Distributed Claims
Connect OpenID Choice of your provider Can be Google, eBay, AOL, Deutsche Telecom etc. Can be your Phone => Self-Issued Provider
Connect OpenID Details
Connect OpenID Name: Alice de Wonderland Mail: alice@example.com Notary: Google. Official Google Seal æ ȘćŒäŒš ç€Ÿă‚°ăƒŒ ă‚°ăƒ«ć° Name: Alice de Wonderland Mail: alice@example.com Notary: Google. SAML Authentication 1.  Who are you. Get me a referral letter. Do not forget about Your email! 2. Plz write me a referral letter。 3. Here you are Alice 4. Here is the certificate. notary Eve Official Google Seal
Connect OpenID 1.  Who are YOU? Give me a valet key to your house. Then I will trust that you are the owner of the house. 2. Can you give me a valet key to my house? 3. Here you are! Alice 4. Her is the key! Pseudo-Authentication using OAuth Apartment Controller Eve
Connect OpenID OpenID Connect Authentication 1.  Who are you. Get me a referral letter. Do not forget about Your email! 2. Give Eve the locker Key and a referral letter. 3. Here you are! Alice 4. Here you are Date2011/5/15 11:00:04 Level of Assurance2 VerifierGoogle Official Google Seal Butler Locker Locker Eve Date2011/5/15 11:00:04 Level of Assurance2 VerifierGoogle Official Google Seal
Connect OpenID OpenID Connect's Clams aggregation and distributed claims. Name: Alice de Wanderland DoB: 1989/3/3 Sex: F Address: 135 Broadway., NY, NY NY City Official Seal Locker UserInfo Endpoint Site X Site Y Site Z Eve
Connect OpenID Applying it to Enterprise model
Connect OpenID Entity Identity Identity Sex Mail height Boy Friend Sex height Real Name Self Recognition Delta between Self and 3rd Party Recognition = interpersonal problem Delta between Self and 3rd Party Recognition= interpersonal problem Role Relatio nship 3rd Party Recognition Relationship Friends Boss Self Recognition 3rd Party Recognition Street Address Nickname Birthday Street Address Employee number licnese performance
Connect OpenID Real Name Professional qualification department Geo-location Employee number Entity Identity Resource Authentication Policy Enforcement Rules
Connect OpenID ABAC (Attribute Based Access Control) Based on SP800-162 figure on page viii identity Resource Rules
Connect OpenID Real Name Professional qualification department Geo-location Employee number Entity Identity Resource Authentication PEP PDP PAP Boss Metadata Log Log
Connect OpenID Q What kind of “Identity” (set of attributes) an enterprise needs?
Connect OpenID Current Standard Claims wont do
Connect OpenID UserInfo Claims ‱  sub ‱  name ‱  given_name ‱  family_name ‱  middle_name ‱  nickname ‱  preferred_username ‱  profile ‱  picture ‱  website ‱  gender ‱  birthdate ‱  locale ‱  zoneinfo ‱  updated_at ‱  email ‱  email_verified ‱  phone_number ‱  phone_number_verified ‱  address
Connect OpenID UserInfo Claims Example { "sub": "248289761001", "name": "Jane Doe", "given_name": "Jane", "family_name": "Doe", "email": "janedoe@example.com", "email_verified": true, "picture": "http://example.com/janedoe/me.jpg" }
Connect OpenID Perhaps we need standard “enterprise” claims
Connect OpenID SCIM?
Connect OpenID SCIM Enterprise User Schema Extension ‱  employeeNumber –  Numeric or alphanumeric identifier assigned to a person, typically based on order of hire or association with an organization. ‱  costCenter –  Identifies the name of a cost center. organization Identifies the name of an organization. ‱  division –  Identifies the name of a division. ‱  department –  Identifies the name of a department. ‱  manager –  The User's manager. A complex type that optionally allows Service Providers to represent organizational hierarchy by referencing the
Connect OpenID Not Quite.
Connect OpenID Perhaps we need standard “enterprise” claims
Connect OpenID Q When shall I start using OpenID Connect?
Connect OpenID Timeline 2nd Implementers Draft Public Review (45 days) 2nd Implementers Draft Vote (14 days) Final Review (60 days) Final We are here! December 2013
Connect OpenID Q uestions?
Connect OpenID OAuth and OpenID Connect: In the Trenches Wednesday, July 10, 4:00 – 5:30 PM Salon C/D/E to be continued at 

Connect OpenID Details 

Connect OpenID Working Together OpenID Connect
Connect OpenID Working Group Members ‱  Key working group participants: –  Nat Sakimura – Nomura Research Institute – Japan –  John Bradley – Ping Identity – Chile –  Breno de Medeiros – Google – US –  Axel Nennker – Deutsche Telekom – Germany –  Torsten Lodderstedt – Deutsche Telekom – Germany –  Roland Hedberg – UmeĂ„ University – Sweden –  Andreas Åkre Solberg – UNINETT – Norway –  Chuck Mortimore – Salesforce – US –  Brian Campbell – Ping Identity – US –  George Fletcher – AOL – US –  Justin Richer – Mitre – US –  Nov Matake – Independent – Japan –  Mike Jones – Microsoft – US ‱  By no means an exhaustive list!
Connect OpenID Design Philosophy Simple Things Simple Complex Things Possible
Connect OpenID Simple Things Simple UserInfo endpoint for simple claims about user Designed to work well on mobile phones
Connect OpenID How We Make It Simple ‱  Build on OAuth 2.0 ‱  Use JavaScript Object Notation (JSON) ‱  Build only the pieces that you need ‱  Goal: Easy implementation on all modern development platforms
Connect OpenID Complex Things Possible Encrypted Claims Aggregated Claims Distributed Claims
Connect OpenID A Look Under the Covers ‱  ID Token ‱  Claims Requests ‱  UserInfo Claims ‱  Example Protocol Messages
Connect OpenID OpenID Connect Authentication 1.  Who are you. Get me a referral letter. Do not forget about Your email! 2. Give Eve the locker Key and a referral letter. 3. Here you are! Alice 4. Here you are Date2011/5/15 11:00:04 Level of Assurance2 VerifierGoogle Official Google Seal Butler Locker Locker Bob Date2011/5/15 11:00:04 Level of Assurance2 VerifierGoogle Official Google Seal Access Token ID Token
Connect OpenID ID Token ‱  JWT representing logged-in session ‱  Claims: –  iss – Issuer –  sub – Identifier for subject (user) –  aud – Audience for ID Token –  iat – Time token was issued –  exp – Expiration time –  nonce – Mitigates replay attacks –  at_hash – Left hash of the access token –  azp – Authorized Party
Connect OpenID ID Token Claims Example { "iss": "https://server.example.com", "sub": "alice", "aud": "https://bob.example.com", "iat": 1311280970, "exp": 1311281970, "nonce": "n-0S6_WzA2Mj", "at_hash": "MTIzNDU2Nzg5MDEyMzQ1Ng", "azp": "https://cindy.example.com/" }
Connect OpenID at_hash makes ID Token a detached signature for the access token
Connect OpenID azp allows token to be used by another party Site X Cindy Bob ID Token Access Token
Connect OpenID Using Access Token only for Authentication is Dangerous. 1.  Who are you. Get me a referral letter. Do not forget about Your email! 2. Give Eve the locker Key and a referral letter. 3. Here you are! Alice 4. Here you are Butler Access Token Eve
Connect OpenID OpenID Connect's Clams aggregation and distributed claims. Name: Alice de Wanderland DoB: 1989/3/3 Sex: F Address: 135 Broadway., NY, NY NY City Official Seal Locker UserInfo Endpoint Site X Site Y Site Z Bob
Connect OpenID Aggregated Claims Data Source Data Source Identity Provider Relying Party Signed Claims Claim Values
Connect OpenID Distributed Claims Identity Provider Signed Claims Relying Party Claim Refs Data Source Data Source
Connect OpenID Claims Requests ‱  Basic requests made using OAuth scopes: –  openid – Declares request is for OpenID Connect –  profile – Requests default profile info –  email – Requests email address & verification status –  address – Requests postal address –  phone – Requests phone number & verification status –  offline_access – Requests Refresh Token issuance ‱  Requests for individual claims can be made using JSON “claims” request parameter
Connect OpenID Request Object
Connect OpenID You can register it at registration time : request_uri Personally Recommended
Connect OpenID Authorization Request Example https://server.example.com/authorize ?response_type=token%20id_token &client_id=0acf77d4-b486-4c99-bd76-074ed6a64ddf &redirect_uri=https%3A%2F%2Fclient.example.com%2Fcb &scope=openid%20profile &state=af0ifjsldkj &nonce=n-0S6_WzA2Mj
Connect OpenID Authorization Response Example HTTP/1.1 302 Found Location: https://client.example.com/cb #access_token=mF_9.B5f-4.1JqM &token_type=bearer &id_token=eyJhbGzI1NiJ9.eyJz9Glnw9J.F9-V4IvQ0Z &expires_in=3600 &state=af0ifjsldkj
Connect OpenID UserInfo Request Example GET /userinfo?schema=openid HTTP/1.1 Host: server.example.com Authorization: Bearer mF_9.B5f-4.1JqM
Connect OpenID Connect Specs Overview
Connect OpenID Resources ‱  OpenID Connect –  http://openid.net/connect/ ‱  OpenID Connect Working Group Mailing List –  http://lists.openid.net/mailman/listinfo/openid-specs-ab ‱  OpenID Connect Interop Wiki –  http://osis.idcommons.net/ ‱  OpenID Connect Interop Mailing List –  http://groups.google.com/group/openid-connect-interop ‱  Mike Jones’ Blog –  http://self-issued.info/ ‱  Nat Sakimura’s Blog –  http://nat.sakimura.org/ ‱  John Bradley’s Blog –  http://www.thread-safe.com/
Connect OpenID Current Status ‱  Waiting for dependencies to be completed ‱  JWS, JWE, JWA, JWK IETF JOSE WG ‱  JSON Web Token (JWT) IETF OAuth WG ‱  WebFinger IETF Apps WG
Connect OpenID Interop testing underway AOL, Google, IBM, Layer 7, Mitre, NRI, @nov, Orange, eBay, Gluu, Ping Identity, GÉANT, @ritou, Emmanuel Raviart 120+ feature tests 14 implementations
Connect OpenID Start Building
Connect OpenID Start Building Now!
Connect OpenID http://nat.sakimura.org/
Ad

Recommended

OpenID Connect Explained
OpenID Connect ExplainedOpenID Connect Explained
OpenID Connect Explained
Vladimir Dzhuvinov
 
OAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId ConnectOAuth 2.0 and OpenId Connect
OAuth 2.0 and OpenId Connect
Saran Doraiswamy
 
Demystifying OAuth 2.0
Demystifying OAuth 2.0Demystifying OAuth 2.0
Demystifying OAuth 2.0
Karl McGuinness
 
OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
Uwe Friedrichsen
 
An introduction to OAuth 2
An introduction to OAuth 2An introduction to OAuth 2
An introduction to OAuth 2
Sanjoy Kumar Roy
 
An Introduction to OAuth 2
An Introduction to OAuth 2An Introduction to OAuth 2
An Introduction to OAuth 2
Aaron Parecki
 
Building secure applications with keycloak
Building secure applications with keycloak Building secure applications with keycloak
Building secure applications with keycloak
Abhishek Koserwal
 
Keycloak SSO basics
Keycloak SSO basicsKeycloak SSO basics
Keycloak SSO basics
Juan Vicente Herrera Ruiz de Alejo
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An Overview
Pat Patterson
 
OAuth & OpenID Connect Deep Dive
OAuth & OpenID Connect Deep DiveOAuth & OpenID Connect Deep Dive
OAuth & OpenID Connect Deep Dive
Nordic APIs
 
Intro to OAuth2 and OpenID Connect
Intro to OAuth2 and OpenID ConnectIntro to OAuth2 and OpenID Connect
Intro to OAuth2 and OpenID Connect
LiamWadman
 
Implementing OAuth
Implementing OAuthImplementing OAuth
Implementing OAuth
leahculver
 
An Introduction to OAuth2
An Introduction to OAuth2An Introduction to OAuth2
An Introduction to OAuth2
Aaron Parecki
 
OAuth - Open API Authentication
OAuth - Open API AuthenticationOAuth - Open API Authentication
OAuth - Open API Authentication
leahculver
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
Knoldus Inc.
 
OAuth2 + API Security
OAuth2 + API SecurityOAuth2 + API Security
OAuth2 + API Security
Amila Paranawithana
 
Secure your app with keycloak
Secure your app with keycloakSecure your app with keycloak
Secure your app with keycloak
Guy Marom
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSI
Torsten Lodderstedt
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
Dan Brinkmann
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
Torsten Lodderstedt
 
OAuth 2.0 with IBM WebSphere DataPower
OAuth 2.0 with IBM WebSphere DataPowerOAuth 2.0 with IBM WebSphere DataPower
OAuth 2.0 with IBM WebSphere DataPower
Shiu-Fun Poon
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
 
Web Authentication API
Web Authentication APIWeb Authentication API
Web Authentication API
FIDO Alliance
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
 
OAuth 2
OAuth 2OAuth 2
OAuth 2
ChrisWood262
 
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™ŻăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
Tatsuo Kudo
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
Torsten Lodderstedt
 
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tkOAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
Nov Matake
 
OpenID Authentication by example
OpenID Authentication by exampleOpenID Authentication by example
OpenID Authentication by example
Chris Vertonghen
 

More Related Content

What's hot (20)

OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An Overview
Pat Patterson
 
OAuth & OpenID Connect Deep Dive
OAuth & OpenID Connect Deep DiveOAuth & OpenID Connect Deep Dive
OAuth & OpenID Connect Deep Dive
Nordic APIs
 
Intro to OAuth2 and OpenID Connect
Intro to OAuth2 and OpenID ConnectIntro to OAuth2 and OpenID Connect
Intro to OAuth2 and OpenID Connect
LiamWadman
 
Implementing OAuth
Implementing OAuthImplementing OAuth
Implementing OAuth
leahculver
 
An Introduction to OAuth2
An Introduction to OAuth2An Introduction to OAuth2
An Introduction to OAuth2
Aaron Parecki
 
OAuth - Open API Authentication
OAuth - Open API AuthenticationOAuth - Open API Authentication
OAuth - Open API Authentication
leahculver
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
Knoldus Inc.
 
OAuth2 + API Security
OAuth2 + API SecurityOAuth2 + API Security
OAuth2 + API Security
Amila Paranawithana
 
Secure your app with keycloak
Secure your app with keycloakSecure your app with keycloak
Secure your app with keycloak
Guy Marom
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSI
Torsten Lodderstedt
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
Dan Brinkmann
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
Torsten Lodderstedt
 
OAuth 2.0 with IBM WebSphere DataPower
OAuth 2.0 with IBM WebSphere DataPowerOAuth 2.0 with IBM WebSphere DataPower
OAuth 2.0 with IBM WebSphere DataPower
Shiu-Fun Poon
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
 
Web Authentication API
Web Authentication APIWeb Authentication API
Web Authentication API
FIDO Alliance
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
 
OAuth 2
OAuth 2OAuth 2
OAuth 2
ChrisWood262
 
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™ŻăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
Tatsuo Kudo
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
Torsten Lodderstedt
 
OpenID Connect: An Overview
OpenID Connect: An OverviewOpenID Connect: An Overview
OpenID Connect: An Overview
Pat Patterson
 
OAuth & OpenID Connect Deep Dive
OAuth & OpenID Connect Deep DiveOAuth & OpenID Connect Deep Dive
OAuth & OpenID Connect Deep Dive
Nordic APIs
 
Intro to OAuth2 and OpenID Connect
Intro to OAuth2 and OpenID ConnectIntro to OAuth2 and OpenID Connect
Intro to OAuth2 and OpenID Connect
LiamWadman
 
Implementing OAuth
Implementing OAuthImplementing OAuth
Implementing OAuth
leahculver
 
An Introduction to OAuth2
An Introduction to OAuth2An Introduction to OAuth2
An Introduction to OAuth2
Aaron Parecki
 
OAuth - Open API Authentication
OAuth - Open API AuthenticationOAuth - Open API Authentication
OAuth - Open API Authentication
leahculver
 
OAuth2 - Introduction
OAuth2 - IntroductionOAuth2 - Introduction
OAuth2 - Introduction
Knoldus Inc.
 
OAuth2 + API Security
OAuth2 + API SecurityOAuth2 + API Security
OAuth2 + API Security
Amila Paranawithana
 
Secure your app with keycloak
Secure your app with keycloakSecure your app with keycloak
Secure your app with keycloak
Guy Marom
 
OpenID for SSI
OpenID for SSIOpenID for SSI
OpenID for SSI
Torsten Lodderstedt
 
IdP, SAML, OAuth
IdP, SAML, OAuthIdP, SAML, OAuth
IdP, SAML, OAuth
Dan Brinkmann
 
OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)OpenID 4 Verifiable Credentials + HAIP (Update)
OpenID 4 Verifiable Credentials + HAIP (Update)
Torsten Lodderstedt
 
OAuth 2.0 with IBM WebSphere DataPower
OAuth 2.0 with IBM WebSphere DataPowerOAuth 2.0 with IBM WebSphere DataPower
OAuth 2.0 with IBM WebSphere DataPower
Shiu-Fun Poon
 
IBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptxIBM: Hey FIDO, Meet Passkey!.pptx
IBM: Hey FIDO, Meet Passkey!.pptx
FIDO Alliance
 
Web Authentication API
Web Authentication APIWeb Authentication API
Web Authentication API
FIDO Alliance
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
 
OpenID for Verifiable Credentials
OpenID for Verifiable CredentialsOpenID for Verifiable Credentials
OpenID for Verifiable Credentials
Torsten Lodderstedt
 
OAuth 2
OAuth 2OAuth 2
OAuth 2
ChrisWood262
 
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™ŻăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
ăȘぜOpenID ConnectăŒćż…èŠăšăȘăŁăŸăźă‹ă€ăăźæ­ŽćČçš„èƒŒæ™Ż
Tatsuo Kudo
 
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
How to Build Interoperable Decentralized Identity Systems with OpenID for Ver...
Torsten Lodderstedt
 

Viewers also liked (6)

OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tkOAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
Nov Matake
 
OpenID Authentication by example
OpenID Authentication by exampleOpenID Authentication by example
OpenID Authentication by example
Chris Vertonghen
 
Securing RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectSecuring RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID Connect
Jonathan LeBlanc
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
CA API Management
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
 
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
Brian Campbell
 
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tkOAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
OAuth 2.0 & OpenID Connect @ OpenSource Conference 2011 Tokyo #osc11tk
Nov Matake
 
OpenID Authentication by example
OpenID Authentication by exampleOpenID Authentication by example
OpenID Authentication by example
Chris Vertonghen
 
Securing RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID ConnectSecuring RESTful APIs using OAuth 2 and OpenID Connect
Securing RESTful APIs using OAuth 2 and OpenID Connect
Jonathan LeBlanc
 
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
Best Practices You Must Apply to Secure Your APIs - Scott Morrison, SVP & Dis...
CA API Management
 
OpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for BeginnersOpenID Connect and Single Sign-On for Beginners
OpenID Connect and Single Sign-On for Beginners
Salesforce Developers
 
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
OpenID Connect - a simple[sic] single sign-on & identity layer on top of OAut...
Brian Campbell
 
Ad

Similar to Introduction to OpenID Connect (20)

Lecture 20101124
Lecture 20101124Lecture 20101124
Lecture 20101124
Anderson Liang
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018
OpenIDFoundation
 
OpenID Foundation/Open Banking Workshop - OpenID Foundation Overview
OpenID Foundation/Open Banking Workshop - OpenID Foundation OverviewOpenID Foundation/Open Banking Workshop - OpenID Foundation Overview
OpenID Foundation/Open Banking Workshop - OpenID Foundation Overview
MikeLeszcz
 
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group UpdateOpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
MikeLeszcz
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?
Oliver Pfaff
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OpenIDFoundation
 
OAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID ConnectOAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID Connect
Jacob Combs
 
OWASP Poland Day 2018 - Johan Peeters - Designing access control with OAuth a...
OWASP Poland Day 2018 - Johan Peeters - Designing access control with OAuth a...OWASP Poland Day 2018 - Johan Peeters - Designing access control with OAuth a...
OWASP Poland Day 2018 - Johan Peeters - Designing access control with OAuth a...
OWASP
 
OpenID Connect primer
OpenID Connect primerOpenID Connect primer
OpenID Connect primer
nob f
 
Distributed Identities with OpenID
Distributed Identities with OpenIDDistributed Identities with OpenID
Distributed Identities with OpenID
Bastian Hofmann
 
Open ID Explained
Open ID ExplainedOpen ID Explained
Open ID Explained
Karthik Ethirajan
 
RSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud IdentityRSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud Identity
Mike Schwartz
 
Building the Social Web with OpenID
Building the Social Web with OpenIDBuilding the Social Web with OpenID
Building the Social Web with OpenID
Simon Willison
 
OpenID and decentralised social networks
OpenID and decentralised social networksOpenID and decentralised social networks
OpenID and decentralised social networks
Simon Willison
 
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteImplementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking Site
David Keener
 
OpenID Foundation Connect Working Group Update - October 22, 2018
OpenID Foundation Connect Working Group Update - October 22, 2018OpenID Foundation Connect Working Group Update - October 22, 2018
OpenID Foundation Connect Working Group Update - October 22, 2018
OpenIDFoundation
 
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
CloudIDSummit
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectDemystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Vinay Manglani
 
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
CloudIDSummit
 
IAM Overview Identiverse 2018
IAM Overview Identiverse 2018IAM Overview Identiverse 2018
IAM Overview Identiverse 2018
Brian Campbell
 
Lecture 20101124
Lecture 20101124Lecture 20101124
Lecture 20101124
Anderson Liang
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018OpenID Connect "101" Introduction -- October 23, 2018
OpenID Connect "101" Introduction -- October 23, 2018
OpenIDFoundation
 
OpenID Foundation/Open Banking Workshop - OpenID Foundation Overview
OpenID Foundation/Open Banking Workshop - OpenID Foundation OverviewOpenID Foundation/Open Banking Workshop - OpenID Foundation Overview
OpenID Foundation/Open Banking Workshop - OpenID Foundation Overview
MikeLeszcz
 
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group UpdateOpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
OpenID Foundation Workshop at EIC 2018 - OpenID Connect Working Group Update
MikeLeszcz
 
OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?OpenID Connect - An Emperor or Just New Cloths?
OpenID Connect - An Emperor or Just New Cloths?
Oliver Pfaff
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect Working Group U...
OpenIDFoundation
 
OAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID ConnectOAuth 2.0 and OpenID Connect
OAuth 2.0 and OpenID Connect
Jacob Combs
 
OWASP Poland Day 2018 - Johan Peeters - Designing access control with OAuth a...
OWASP Poland Day 2018 - Johan Peeters - Designing access control with OAuth a...OWASP Poland Day 2018 - Johan Peeters - Designing access control with OAuth a...
OWASP Poland Day 2018 - Johan Peeters - Designing access control with OAuth a...
OWASP
 
OpenID Connect primer
OpenID Connect primerOpenID Connect primer
OpenID Connect primer
nob f
 
Distributed Identities with OpenID
Distributed Identities with OpenIDDistributed Identities with OpenID
Distributed Identities with OpenID
Bastian Hofmann
 
Open ID Explained
Open ID ExplainedOpen ID Explained
Open ID Explained
Karthik Ethirajan
 
RSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud IdentityRSA Europe: Future of Cloud Identity
RSA Europe: Future of Cloud Identity
Mike Schwartz
 
Building the Social Web with OpenID
Building the Social Web with OpenIDBuilding the Social Web with OpenID
Building the Social Web with OpenID
Simon Willison
 
OpenID and decentralised social networks
OpenID and decentralised social networksOpenID and decentralised social networks
OpenID and decentralised social networks
Simon Willison
 
Implementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking SiteImplementing OpenID for Your Social Networking Site
Implementing OpenID for Your Social Networking Site
David Keener
 
OpenID Foundation Connect Working Group Update - October 22, 2018
OpenID Foundation Connect Working Group Update - October 22, 2018OpenID Foundation Connect Working Group Update - October 22, 2018
OpenID Foundation Connect Working Group Update - October 22, 2018
OpenIDFoundation
 
CIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID ConnectCIS14: Working with OAuth and OpenID Connect
CIS14: Working with OAuth and OpenID Connect
CloudIDSummit
 
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID ConnectDemystifying SAML 2.0,Oauth 2.0, OpenID Connect
Demystifying SAML 2.0,Oauth 2.0, OpenID Connect
Vinay Manglani
 
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
CIS13: Bootcamp: Ping Identity OAuth and OpenID Connect In Action with PingFe...
CloudIDSummit
 
IAM Overview Identiverse 2018
IAM Overview Identiverse 2018IAM Overview Identiverse 2018
IAM Overview Identiverse 2018
Brian Campbell
 
Ad

More from Nat Sakimura (20)

FAPI and beyond - ă‚ˆă‚Šă‚ˆă„ă‚»ă‚­ăƒ„ăƒȘăƒ†ă‚ŁăźăŸă‚ă«
FAPI and beyond - ă‚ˆă‚Šă‚ˆă„ă‚»ă‚­ăƒ„ăƒȘăƒ†ă‚ŁăźăŸă‚ă«FAPI and beyond - ă‚ˆă‚Šă‚ˆă„ă‚»ă‚­ăƒ„ăƒȘăƒ†ă‚ŁăźăŸă‚ă«
FAPI and beyond - ă‚ˆă‚Šă‚ˆă„ă‚»ă‚­ăƒ„ăƒȘăƒ†ă‚ŁăźăŸă‚ă«
Nat Sakimura
 
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureOpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
Nat Sakimura
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation
Nat Sakimura
 
Introduction to ‹the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to ‹the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to ‹the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to ‹the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Nat Sakimura
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth Profile
Nat Sakimura
 
金融 API æ™‚ä»Łăźă‚»ă‚­ăƒ„ăƒȘティ: OpenID Financial API (FAPI) WG
金融 API æ™‚ä»Łăźă‚»ă‚­ăƒ„ăƒȘティ: OpenID Financial API (FAPI) WG金融 API æ™‚ä»Łăźă‚»ă‚­ăƒ„ăƒȘティ: OpenID Financial API (FAPI) WG
金融 API æ™‚ä»Łăźă‚»ă‚­ăƒ„ăƒȘティ: OpenID Financial API (FAPI) WG
Nat Sakimura
 
ăƒ–ăƒ­ăƒƒă‚Żăƒă‚§ăƒŒăƒłă€œäżĄé Œăźæșæł‰ăźæ°‘äž»ćŒ–ăźă‚‚ăŸă‚‰ă™ć€‰é©
ăƒ–ăƒ­ăƒƒă‚Żăƒă‚§ăƒŒăƒłă€œäżĄé Œăźæșæł‰ăźæ°‘äž»ćŒ–ăźă‚‚ăŸă‚‰ă™ć€‰é©ăƒ–ăƒ­ăƒƒă‚Żăƒă‚§ăƒŒăƒłă€œäżĄé Œăźæșæł‰ăźæ°‘äž»ćŒ–ăźă‚‚ăŸă‚‰ă™ć€‰é©
ăƒ–ăƒ­ăƒƒă‚Żăƒă‚§ăƒŒăƒłă€œäżĄé Œăźæșæł‰ăźæ°‘äž»ćŒ–ăźă‚‚ăŸă‚‰ă™ć€‰é©
Nat Sakimura
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Nat Sakimura
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 Update
Nat Sakimura
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WG
Nat Sakimura
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID Connect
Nat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
Nat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
Nat Sakimura
 
車èŒȘは侾くăȘăŁăŸă‹ïŒŸ~ăƒ‡ă‚žă‚żăƒ«ăƒ»ă‚ąă‚€ăƒ‡ăƒłăƒ†ă‚Łăƒ†ă‚Łăźæš™æș–ćŒ–ć‹•ć‘ăšăăźă‚ŽăƒŒăƒ«
車èŒȘは侾くăȘăŁăŸă‹ïŒŸ~ăƒ‡ă‚žă‚żăƒ«ăƒ»ă‚ąă‚€ăƒ‡ăƒłăƒ†ă‚Łăƒ†ă‚Łăźæš™æș–ćŒ–ć‹•ć‘ăšăăźă‚ŽăƒŒăƒ«è»ŠèŒȘは侾くăȘăŁăŸă‹ïŒŸ~ăƒ‡ă‚žă‚żăƒ«ăƒ»ă‚ąă‚€ăƒ‡ăƒłăƒ†ă‚Łăƒ†ă‚Łăźæš™æș–ćŒ–ć‹•ć‘ăšăăźă‚ŽăƒŒăƒ«
車èŒȘは侾くăȘăŁăŸă‹ïŒŸ~ăƒ‡ă‚žă‚żăƒ«ăƒ»ă‚ąă‚€ăƒ‡ăƒłăƒ†ă‚Łăƒ†ă‚Łăźæš™æș–ćŒ–ć‹•ć‘ăšăăźă‚ŽăƒŒăƒ«
Nat Sakimura
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91
Nat Sakimura
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problems
Nat Sakimura
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extension
Nat Sakimura
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604
Nat Sakimura
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OP
Nat Sakimura
 
Open idずcyberç©ș間
Open idずcyberç©ș間Open idずcyberç©ș間
Open idずcyberç©ș間
Nat Sakimura
 
FAPI and beyond - ă‚ˆă‚Šă‚ˆă„ă‚»ă‚­ăƒ„ăƒȘăƒ†ă‚ŁăźăŸă‚ă«
FAPI and beyond - ă‚ˆă‚Šă‚ˆă„ă‚»ă‚­ăƒ„ăƒȘăƒ†ă‚ŁăźăŸă‚ă«FAPI and beyond - ă‚ˆă‚Šă‚ˆă„ă‚»ă‚­ăƒ„ăƒȘăƒ†ă‚ŁăźăŸă‚ă«
FAPI and beyond - ă‚ˆă‚Šă‚ˆă„ă‚»ă‚­ăƒ„ăƒȘăƒ†ă‚ŁăźăŸă‚ă«
Nat Sakimura
 
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureOpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
Nat Sakimura
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation
Nat Sakimura
 
Introduction to ‹the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to ‹the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to ‹the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to ‹the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Nat Sakimura
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth Profile
Nat Sakimura
 
金融 API æ™‚ä»Łăźă‚»ă‚­ăƒ„ăƒȘティ: OpenID Financial API (FAPI) WG
金融 API æ™‚ä»Łăźă‚»ă‚­ăƒ„ăƒȘティ: OpenID Financial API (FAPI) WG金融 API æ™‚ä»Łăźă‚»ă‚­ăƒ„ăƒȘティ: OpenID Financial API (FAPI) WG
金融 API æ™‚ä»Łăźă‚»ă‚­ăƒ„ăƒȘティ: OpenID Financial API (FAPI) WG
Nat Sakimura
 
ăƒ–ăƒ­ăƒƒă‚Żăƒă‚§ăƒŒăƒłă€œäżĄé Œăźæșæł‰ăźæ°‘äž»ćŒ–ăźă‚‚ăŸă‚‰ă™ć€‰é©
ăƒ–ăƒ­ăƒƒă‚Żăƒă‚§ăƒŒăƒłă€œäżĄé Œăźæșæł‰ăźæ°‘äž»ćŒ–ăźă‚‚ăŸă‚‰ă™ć€‰é©ăƒ–ăƒ­ăƒƒă‚Żăƒă‚§ăƒŒăƒłă€œäżĄé Œăźæșæł‰ăźæ°‘äž»ćŒ–ăźă‚‚ăŸă‚‰ă™ć€‰é©
ăƒ–ăƒ­ăƒƒă‚Żăƒă‚§ăƒŒăƒłă€œäżĄé Œăźæșæł‰ăźæ°‘äž»ćŒ–ăźă‚‚ăŸă‚‰ă™ć€‰é©
Nat Sakimura
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Nat Sakimura
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 Update
Nat Sakimura
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WG
Nat Sakimura
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID Connect
Nat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
Nat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
Nat Sakimura
 
車èŒȘは侾くăȘăŁăŸă‹ïŒŸ~ăƒ‡ă‚žă‚żăƒ«ăƒ»ă‚ąă‚€ăƒ‡ăƒłăƒ†ă‚Łăƒ†ă‚Łăźæš™æș–ćŒ–ć‹•ć‘ăšăăźă‚ŽăƒŒăƒ«
車èŒȘは侾くăȘăŁăŸă‹ïŒŸ~ăƒ‡ă‚žă‚żăƒ«ăƒ»ă‚ąă‚€ăƒ‡ăƒłăƒ†ă‚Łăƒ†ă‚Łăźæš™æș–ćŒ–ć‹•ć‘ăšăăźă‚ŽăƒŒăƒ«è»ŠèŒȘは侾くăȘăŁăŸă‹ïŒŸ~ăƒ‡ă‚žă‚żăƒ«ăƒ»ă‚ąă‚€ăƒ‡ăƒłăƒ†ă‚Łăƒ†ă‚Łăźæš™æș–ćŒ–ć‹•ć‘ăšăăźă‚ŽăƒŒăƒ«
車èŒȘは侾くăȘăŁăŸă‹ïŒŸ~ăƒ‡ă‚žă‚żăƒ«ăƒ»ă‚ąă‚€ăƒ‡ăƒłăƒ†ă‚Łăƒ†ă‚Łăźæš™æș–ćŒ–ć‹•ć‘ăšăăźă‚ŽăƒŒăƒ«
Nat Sakimura
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91
Nat Sakimura
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problems
Nat Sakimura
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extension
Nat Sakimura
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604
Nat Sakimura
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OP
Nat Sakimura
 
Open idずcyberç©ș間
Open idずcyberç©ș間Open idずcyberç©ș間
Open idずcyberç©ș間
Nat Sakimura
 

Recently uploaded (20)

Domino IQ – Was Sie erwartet, erste Schritte und AnwendungsfĂ€lle
Domino IQ – Was Sie erwartet, erste Schritte und AnwendungsfĂ€lleDomino IQ – Was Sie erwartet, erste Schritte und AnwendungsfĂ€lle
Domino IQ – Was Sie erwartet, erste Schritte und AnwendungsfĂ€lle
panagenda
 
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | BluebashMCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
Bluebash
 
Introduction to Typescript - GDG On Campus EUE
Introduction to Typescript - GDG On Campus EUEIntroduction to Typescript - GDG On Campus EUE
Introduction to Typescript - GDG On Campus EUE
Google Developer Group On Campus European Universities in Egypt
 
IntroSlides-May-BuildWithAi-EarthEngine.pdf
IntroSlides-May-BuildWithAi-EarthEngine.pdfIntroSlides-May-BuildWithAi-EarthEngine.pdf
IntroSlides-May-BuildWithAi-EarthEngine.pdf
Luiz Carneiro
 
If You Use Databricks, You Definitely Need FME
If You Use Databricks, You Definitely Need FMEIf You Use Databricks, You Definitely Need FME
If You Use Databricks, You Definitely Need FME
Safe Software
 
Soulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate reviewSoulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate review
Soulmaite
 
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
End-to-end Assurance for SD-WAN & SASE with ThousandEyesEnd-to-end Assurance for SD-WAN & SASE with ThousandEyes
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
ThousandEyes
 
How to Detect Outliers in IBM SPSS Statistics.pptx
How to Detect Outliers in IBM SPSS Statistics.pptxHow to Detect Outliers in IBM SPSS Statistics.pptx
How to Detect Outliers in IBM SPSS Statistics.pptx
Version 1 Analytics
 
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Infrassist Technologies Pvt. Ltd.
 
Your startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean accountYour startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean account
angelo60207
 
Jira Administration Training – Day 1 : Introduction
Jira Administration Training – Day 1 : IntroductionJira Administration Training – Day 1 : Introduction
Jira Administration Training – Day 1 : Introduction
Ravi Teja
 
Create Your First AI Agent with UiPath Agent Builder
Create Your First AI Agent with UiPath Agent BuilderCreate Your First AI Agent with UiPath Agent Builder
Create Your First AI Agent with UiPath Agent Builder
DianaGray10
 
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Scott M. Graffius
 
Evaluation Challenges in Using Generative AI for Science & Technical Content
Evaluation Challenges in Using Generative AI for Science & Technical ContentEvaluation Challenges in Using Generative AI for Science & Technical Content
Evaluation Challenges in Using Generative AI for Science & Technical Content
Paul Groth
 
Introduction to Internet of things .ppt.
Introduction to Internet of things .ppt.Introduction to Internet of things .ppt.
Introduction to Internet of things .ppt.
hok12341073
 
Developing Schemas with FME and Excel - Peak of Data & AI 2025
Developing Schemas with FME and Excel - Peak of Data & AI 2025Developing Schemas with FME and Excel - Peak of Data & AI 2025
Developing Schemas with FME and Excel - Peak of Data & AI 2025
Safe Software
 
Oracle Cloud Infrastructure Generative AI Professional
Oracle Cloud Infrastructure Generative AI ProfessionalOracle Cloud Infrastructure Generative AI Professional
Oracle Cloud Infrastructure Generative AI Professional
VICTOR MAESTRE RAMIREZ
 
Palo Alto Networks Cybersecurity Foundation
Palo Alto Networks Cybersecurity FoundationPalo Alto Networks Cybersecurity Foundation
Palo Alto Networks Cybersecurity Foundation
VICTOR MAESTRE RAMIREZ
 
The case for on-premises AI
The case for on-premises AIThe case for on-premises AI
The case for on-premises AI
Principled Technologies
 
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdfBoosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Alkin Tezuysal
 
Domino IQ – Was Sie erwartet, erste Schritte und AnwendungsfĂ€lle
Domino IQ – Was Sie erwartet, erste Schritte und AnwendungsfĂ€lleDomino IQ – Was Sie erwartet, erste Schritte und AnwendungsfĂ€lle
Domino IQ – Was Sie erwartet, erste Schritte und AnwendungsfĂ€lle
panagenda
 
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | BluebashMCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
MCP vs A2A vs ACP: Choosing the Right Protocol | Bluebash
Bluebash
 
Introduction to Typescript - GDG On Campus EUE
Introduction to Typescript - GDG On Campus EUEIntroduction to Typescript - GDG On Campus EUE
Introduction to Typescript - GDG On Campus EUE
Google Developer Group On Campus European Universities in Egypt
 
IntroSlides-May-BuildWithAi-EarthEngine.pdf
IntroSlides-May-BuildWithAi-EarthEngine.pdfIntroSlides-May-BuildWithAi-EarthEngine.pdf
IntroSlides-May-BuildWithAi-EarthEngine.pdf
Luiz Carneiro
 
If You Use Databricks, You Definitely Need FME
If You Use Databricks, You Definitely Need FMEIf You Use Databricks, You Definitely Need FME
If You Use Databricks, You Definitely Need FME
Safe Software
 
Soulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate reviewSoulmaite review - Find Real AI soulmate review
Soulmaite review - Find Real AI soulmate review
Soulmaite
 
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
End-to-end Assurance for SD-WAN & SASE with ThousandEyesEnd-to-end Assurance for SD-WAN & SASE with ThousandEyes
End-to-end Assurance for SD-WAN & SASE with ThousandEyes
ThousandEyes
 
How to Detect Outliers in IBM SPSS Statistics.pptx
How to Detect Outliers in IBM SPSS Statistics.pptxHow to Detect Outliers in IBM SPSS Statistics.pptx
How to Detect Outliers in IBM SPSS Statistics.pptx
Version 1 Analytics
 
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Azure vs AWS Which Cloud Platform Is Best for Your Business in 2025
Infrassist Technologies Pvt. Ltd.
 
Your startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean accountYour startup on AWS - How to architect and maintain a Lean and Mean account
Your startup on AWS - How to architect and maintain a Lean and Mean account
angelo60207
 
Jira Administration Training – Day 1 : Introduction
Jira Administration Training – Day 1 : IntroductionJira Administration Training – Day 1 : Introduction
Jira Administration Training – Day 1 : Introduction
Ravi Teja
 
Create Your First AI Agent with UiPath Agent Builder
Create Your First AI Agent with UiPath Agent BuilderCreate Your First AI Agent with UiPath Agent Builder
Create Your First AI Agent with UiPath Agent Builder
DianaGray10
 
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Mark Zuckerberg teams up with frenemy Palmer Luckey to shape the future of XR...
Scott M. Graffius
 
Evaluation Challenges in Using Generative AI for Science & Technical Content
Evaluation Challenges in Using Generative AI for Science & Technical ContentEvaluation Challenges in Using Generative AI for Science & Technical Content
Evaluation Challenges in Using Generative AI for Science & Technical Content
Paul Groth
 
Introduction to Internet of things .ppt.
Introduction to Internet of things .ppt.Introduction to Internet of things .ppt.
Introduction to Internet of things .ppt.
hok12341073
 
Developing Schemas with FME and Excel - Peak of Data & AI 2025
Developing Schemas with FME and Excel - Peak of Data & AI 2025Developing Schemas with FME and Excel - Peak of Data & AI 2025
Developing Schemas with FME and Excel - Peak of Data & AI 2025
Safe Software
 
Oracle Cloud Infrastructure Generative AI Professional
Oracle Cloud Infrastructure Generative AI ProfessionalOracle Cloud Infrastructure Generative AI Professional
Oracle Cloud Infrastructure Generative AI Professional
VICTOR MAESTRE RAMIREZ
 
Palo Alto Networks Cybersecurity Foundation
Palo Alto Networks Cybersecurity FoundationPalo Alto Networks Cybersecurity Foundation
Palo Alto Networks Cybersecurity Foundation
VICTOR MAESTRE RAMIREZ
 
The case for on-premises AI
The case for on-premises AIThe case for on-premises AI
The case for on-premises AI
Principled Technologies
 
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdfBoosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Boosting MySQL with Vector Search -THE VECTOR SEARCH CONFERENCE 2025 .pdf
Alkin Tezuysal
 

Introduction to OpenID Connect