Reputation: 119
The spec says:
3.1.2.3. Authorization Server Authenticates End-User
The methods used by the Authorization Server to Authenticate the End-User (e.g. username and password, session cookies, etc.) are beyond the scope of this specification.
How does SSO work with OpenID Connect?
Are cookies used? Is "id_token_hint" used?
I could not find anything about it.
Upvotes: 0
Views: 211
Reputation: 19921
It's implementation-specific, but typically when you log in at the authorization server, you receive a login session cookie with the server that is used to give you the SSO experience.
You can use the id_token_hint to pass your ID token when you authenticate with a new app to get a smoother login experience.
Upvotes: 1
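The behaviour described in the answer above, as an added sketch that is not part of the original answer or any real server's code: an authorization endpoint that reuses its own session cookie for SSO and checks `id_token_hint` against that session. The cookie name `op_session`, the `SESSIONS` store, the key and the HS256 signing are assumptions made for the example; `prompt=none` and the `login_required` error are from OpenID Connect Core.

```python
import base64, hashlib, hmac, json

OP_KEY = b"constructed-demo-key"   # constructed; real OPs usually sign with RS256/ES256
SESSIONS = {"sess-abc": "alice"}   # constructed: OP session cookie value -> subject

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _mac(head: str, body: str) -> bytes:
    return hmac.new(OP_KEY, f"{head}.{body}".encode(), hashlib.sha256).digest()

def sign_id_token(claims: dict) -> str:
    """Issue a minimal HS256 ID token (hypothetical helper for this example)."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url(_mac(head, body))}"

def hinted_subject(token):
    """Return sub from an id_token_hint only if this OP signed it, else None."""
    try:
        head, body, sig = token.split(".")
        if not hmac.compare_digest(b64url(_mac(head, body)).encode(), sig.encode()):
            return None
        padded = body + "=" * (-len(body) % 4)
        return json.loads(base64.urlsafe_b64decode(padded)).get("sub")
    except (ValueError, AttributeError):
        return None

def authorize(cookies: dict, params: dict) -> dict:
    """Decide what the authorization endpoint does for one request."""
    # SSO: the browser sends the OP's own session cookie on every client's request.
    subject = SESSIONS.get(cookies.get("op_session"))
    hint = params.get("id_token_hint")
    if hint is not None and hinted_subject(hint) != subject:
        # Hint is forged or names a different user than the session: not SSO.
        subject = None
    if subject is None:
        # prompt=none forbids showing any UI, so the client gets an error back.
        if params.get("prompt") == "none":
            return {"error": "login_required"}
        return {"action": "show_login_form"}
    return {"action": "issue_code", "sub": subject}
```

The hint is not checked for expiry here because the specification allows an expired ID token to be used as `id_token_hint`; the signature check is what stops a client from naming an arbitrary user.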