This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.
Configuring OAuth2-OpenID Connect
OAuth 2.0 is an authorization framework that gives clients a way to access a restricted resource on behalf of the resource owner. It can authorize flows for web applications, desktop applications, and mobile applications, among others.
OpenID Connect is an authentication protocol built on top of OAuth 2.0 that lets clients verify the end user's identity based on the authentication performed by an authorization server. It also provides methods to transfer end-user information through claims.
With OAuth as its base, OpenID Connect allows many types of clients, such as web-based clients, mobile clients, and JavaScript clients, to verify users through authentication performed by an authorization server.
Sign in. Enter your username and password to log on to the Management Console.
Navigate to the Main menu to access the Identity menu. Click Add under Identity Providers.
For more information, see Adding and Configuring an Identity Provider.
Fill in the details in the Basic Information section.
Expand the Federated Authenticators section and then the OAuth2/OpenID Connect Configuration form.
Fill in the following fields where relevant.
Prior to this, you need to configure an application for Identity Server in the federated authorization server and get the application information, such as the client ID and secret. For more information, see configuring OAuth2-OpenID Connect single sign-on.
Identity Federation is part of the process of configuring an identity provider. For more information on how to configure an identity provider, see Configuring an Identity Provider.
See Log into Identity Server using another Identity Server - OAuth2 for a sample of using OAuth2/OpenIDConnect for federated authentication.