OpenID Connect Federation 1.0: Difference between revisions
Jump to navigation
Jump to search
| Line 10: | Line 10: | ||
* Entity = a globally named accessible over the internet that has a separate and distinct existence. | * Entity = a globally named accessible over the internet that has a separate and distinct existence. | ||
* Trust Anchor = an entity whose main purpose is to issue statements about entities, | * Trust Anchor = an entity whose main purpose is to issue statements about entities, | ||
* | * [https://tcwiki.azurewebsites.net/index.php?title=Entity_Statement Entity Statement] = a signed JWT that is the core component of the Federation spec. | ||
==Reference== | ==Reference== | ||
[[Category: Standards]] | [[Category: Standards]] | ||
Latest revision as of 00:49, 25 May 2021
Full Name
This page describes the OpenID specification for Federation.
Context
- Created by OpenID Connect 1.0 team to specify how a Relying Party (RP) can discover metadata about an OpenID Provider (OP), and then register to obtain RP credentials.
- This specification describes how two entities that would like to interact can dynamically fetch and resolve trust and metadata for a given protocol through the use of third-party trust anchor.
- OpenID Connect Federation trust chains rely on cryptographically signed JSON Web Token (JWT) documents.
Taxonomy
- Entity = a globally named accessible over the internet that has a separate and distinct existence.
- Trust Anchor = an entity whose main purpose is to issue statements about entities,
- Entity Statement = a signed JWT that is the core component of the Federation spec.