Skip to main content
GDPR Kit CIAM Buyer's Guide Contact Us
Janrain respects your privacy and will treat the personal data you choose to share with us in accordance with our privacy statement.
 

We use cookies to give you the best online experience. By using our website you agree to our use of cookies in accordance with our privacy statement

OK

Mobile Menu

Janrain Supports OpenID Connect

By Katie Keenan | Posted on August 12, 2011

Janrain is committed to making identity management on the web easier and facilitating interactions among all participants. We believe that such a goal can only be achieved by keeping the web open and are thrilled to see the OpenID suite of protocols evolving, with its latest version – OpenID Connect – approaching its final stages.

openid-connect

The first versions of OpenID (1.x and 2.0 Authentication, Attribute Exchange etc.) represented the first attempts at creating an open, decentralized identity layer for the Internet. Janrain helped lay out this foundation and was involved at every level – drafting specifications, providing open-source libraries, full-featured implementations and finally helping web sites engage their users in a more effective way.

The recent history has shown a clear evolution in the online identity space and some shortcomings of the first OpenID protocol suite have been unveiled. People prefer to identify themselves with email addresses rather than URLs, the entire user experience matters a lot, and most parties prefer to access user owned content and profile data through authorization obtained via an OAuth-based flow.

At the protocol level, OpenID 2.0’s key-value authentication and verification messages are replaced in OpenID Connect with a profiled and enhanced OAuth 2.0 flow that revolves around an ID token. This acts as an OAuth access token that can be exchanged at the OpenID Provider for basic authentication data (the user identifier).

Alternately, if an enhanced OpenID Request Object was also sent along with the OAuth authorization request, the ID token will represent a grant given to the Relying Party (the website) to access the user identifier and additional profile data (represented as claims) for which the user approved access. The enhanced messages take the format of JSON and JWT (JSON Web Token).

As these features are taking shape in OpenID Connect, we’re looking forward to supporting them in our products.Janrain Engage will naturally evolve to support identity providers that implement the new OpenID Connect protocol, and Janrain Capture will incorporate the new authorization-based management of user profile data. Similarly, our Janrain Identity Service solution will allow organizations to transform their user databases into identity providers speaking OpenID Connect, along with the legacy protocols.

OpenID-Connect represents a much needed evolution of the previous OpenID protocols. Janrain is once again supporting the specification and implementation efforts.

Popular Posts

About the author

Katie Keenan

Interactive Marketing Manager

A true geek at heart, Katie works behind the scenes on Janrain's website and social media strategy as the interactive marketing manager. Katie has more than 10 years of experience building websites and managing online communities in media, retail, technology, law and the nonprofit sector. Her passion: to get rid of the clutter and help to improve efficiencies across the web to spark online engagement.

View all posts by Katie Keenan