OpenID Connect launches with backing from Google, Microsoft, AOL, and more

Signing users in to a mobile or web app isn’t necessarily hard, but keeping their credentials safe is something that’s often best left to specialists. The OpenID Foundation announced the launch of OpenID Connect, the organization’s latest standard for authenticating users and building distributed identity systems. The standard has the backing of Google, Microsoft, Salesforce, Deutsche Telekom, AOL and numerous other companies and mobile network operators.

The OpenID Foundation Wednesday blessed the final version of OpenID Connect, an authentication protocol that is being called a cornerstone for scalable, standardized identity-based access control across SaaS, mobile apps, enterprise and other resources. “We now have a protocol that is an official standard,” Don Thibeau, executive director of the Open Foundation said. OpenID Connect (OIDC) is a layer on top of the Internet Engineering Task Force framework OAuth 2.0. The two pieces are part of new-era Internet protocols that use standards such as Representational State Transfer (REST) and JavaScript Object Notation (JSON), which are finding favor with developers and also eliminate the need for enterprises to open ports on their firewalls.

Read full article