OpenID Connect Federation


OpenID Connect Federation specifies how a Relying Party (RP) can discover metadata about an OpenID Connect Provider (OP), and then register to obtain client credentials.

During discovery and registration, neither the OpenID Connect Provider nor the Relying Party has an automated mechanism to verify the information exchanged. All of it is self-asserted.

In an identity federation context, this is not sufficient. The participants of the federation must be able to trust the information provided about the other participants.

OpenID Connect Federation describes how an identity federation can be built around a trusted third party, the federation operator.

