Today we put up an online demo of the Connect2ID server along with a generic OpenID Connect client. With that we wish to show the capabilities of the new internet standard for single sign-on (SSO) based on the successful OAuth 2.0 framework. OpenID Connect is designed to sign users onto web as well as native apps and also provides a standard extensible schema for provisioning user details (called UserInfo) such as email, name and contact information to client applications.
The OpenID Connect 1.0 specification is expected to become final in spring of 2014. Around the same time we prepare to release our Connect2ID server for business customers.
You can test the OpenID Connect login by going to https://demo.c2id.com/oidc-client.
Just click on “Login with OpenID Connect” and when you’re redirected to the IdP server enter “alice” + “secret” as credentials.
Upon returning to the OpenID Connect client you should see the process of decoding the authentication response, making the token request, verifying the ID token and extracting its content, and finally the UserInfo request being made. The client was built with our open source OAuth 2.0 SDK with OpenID Connect extensions.
The demo Connect2ID server is set to remember user sessions for 15 minutes, so if you come back to it within that time you will be redirected straight to the consent form.
The OpenID Connect client has also two other tabs – “Provider details” and “Client details” where you can configure it to speak to another public OpenID Connect server (IdP). We intend to add more OpenID Connect request options to the client UI in future.