Why OIDC?
OpenID Connect is a well established protocol built on top of OAuth 2.0. It adds the authentication features missing in OAuth 2.0 which is focused on authorization.
Before you get started
In order to start using the OIDC process, the friendly Unidy team needs to setup an application in the Unidy backend. Please provide them with the following infos:
- Name and Description - Will be displayed to the user.
- Redirect URI - We will redirect the user here after the handshake.
- Needed scopes - The user will allow the app to access those fields.
- Required user attributes (optional) - The user will have to fill out these.
- Logo (optional) - At least 50x50px in PNG format.
- Connect URI (optional) - The user can access this link directly from within Unidy.
Choose your Flow
OIDC is a very flexible protocol that supports a variety of usecases. We have listed the most common cases together with the best solution. If in doubt, again, get in touch with us. We are happy to support.
No access to the Unidy API needed
Choose the OIDC Implicit Flow requesting the ID Token .
Make API calls on behalf of the user (backend)
Choose the OIDC Authorization Flow requesting an Authorization Code .
Make API calls on behalf of the user (mobile or single page app)
Choose the OIDC Authorization Flow requesting an Authorization Code with PKCE .
Have general access to the API
Choose the OIDC Client Credentials Flow .
Special Usecases
There are some more features covered by OIDC in addition to the described flows above.
Verify if the user is logged in
Choose the OIDC Silent Authorization Flow .
Log the user out
Choose the OIDC RP Initiated Logout Flow .
Further Info
OIDC is very flexible and capable of combining different flow. For a full overview of all parameters please refer to: