OpenID Connect Federation 1.0: Difference between revisions

From IDESG Wiki
Jump to navigation Jump to search
 
Line 10: Line 10:
* Entity = a globally named accessible over the internet that has a separate and distinct existence.
* Entity = a globally named accessible over the internet that has a separate and distinct existence.
* Trust Anchor = an entity whose main purpose is to issue statements about entities,
* Trust Anchor = an entity whose main purpose is to issue statements about entities,
* The [https://tcwiki.azurewebsites.net/index.php?title=Entity_Statement Entity Statement] is the core component of the Federation spec.
* [https://tcwiki.azurewebsites.net/index.php?title=Entity_Statement Entity Statement] = a signed JWT that is the core component of the Federation spec.


==Reference==
==Reference==


[[Category: Standards]]
[[Category: Standards]]

Latest revision as of 00:49, 25 May 2021

Full Name

This page describes the OpenID specification for Federation.

Context

  • Created by OpenID Connect 1.0 team to specify how a Relying Party (RP) can discover metadata about an OpenID Provider (OP), and then register to obtain RP credentials.
  • This specification describes how two entities that would like to interact can dynamically fetch and resolve trust and metadata for a given protocol through the use of third-party trust anchor.
  • OpenID Connect Federation trust chains rely on cryptographically signed JSON Web Token (JWT) documents.

Taxonomy

  • Entity = a globally named accessible over the internet that has a separate and distinct existence.
  • Trust Anchor = an entity whose main purpose is to issue statements about entities,
  • Entity Statement = a signed JWT that is the core component of the Federation spec.

Reference