Skip to content
This repository has been archived by the owner on Dec 16, 2020. It is now read-only.

Clients

Okke Harsta edited this page Mar 8, 2016 · 6 revisions

OpenID Connect clients

The OpenConext-oidc makes it possible for Service Providers - who want to join the SURFnet federation, but do not want to implement / use SAML for the user authentication - to use the OpenID Connect protocol to connect to the SURFnet federation.

We distinguish two types of client:

  • Service Providers who only need an identifier of the user in order to provision the user locally
  • Service Providers who need then only the identifier (e.g. name, email etc)

The first type only needs to obtain an ID Token which contains the unique identifier of the user - e.g. the sub. This can be achieved by making

Clone this wiki locally