The document discusses the OAuth and OpenID Connect protocols. It provides diagrams illustrating the OAuth authorization code grant, implicit grant and hybrid grant flows. It also compares OAuth and OpenID Connect, noting that OpenID Connect builds upon OAuth by adding an identity layer. Key aspects of OpenID Connect, such as ID tokens and their claims, are outlined. Examples of OAuth and OpenID Connect implementations are provided at the end.
3. Definition of “Federation” in NIST SP 800-63-3
“A process that allows for the conveyance of identity and authentication information across a set of networked systems.”
https://pages.nist.gov/800-63-3/
4. Definition of “Federation” in NIST SP 800-63-3
“ Identity
”
https://openid-foundation-japan.github.io/800-63-3/index.ja.html
5. Login / Sign-up
Request an Assertion
Authentication Event
Issue an Assertion
Request Attributes
Attributes
Welcome, Nov!
Verify the Assertion
6. Login / Sign-up
Request an Assertion
Authentication Event
Issue an Artifact
Send the Artifact
Request Attributes
Attributes
Welcome, Nov!
Assertion
7. Login / Sign-up
Request an Assertion
Authentication Event
Issue an Assertion w/ Attributes
Verify the Assertion
Welcome, Nov!