OpenID Connect (OIDC)
OIDC is an identity layer on top of OAuth 2.0 for authentication.
Updated: 2026-03-05
Definition
OpenID Connect adds authentication to OAuth 2.0 by providing ID tokens and standardized identity claims.
It is widely used for modern SSO logins and federated identity.
Key points
- Authentication layer on OAuth
- Uses ID token (often JWT)
- Common for modern web and mobile apps
Common mistakes
- Not validating tokens properly (issuer/audience/expiry).
- Mixing up the purposes of the access token and the ID token.