Overview#

Sid need some context

OpenID Connect#

Sid (Session ID) is defined in OpenID Connect Front-Channel Logout and OpenID Connect Back-Channel Logout as an OPTIONAL String identifier for a Session.

OpenID Connect Front-Channel Logout clearly defines sid claim is for its use as a parameter for frontchannel_logout_uri as well as ID Token claim:

• sid OPTIONAL. Session ID - String identifier for a Session. This represents a Session of a User Agent or device for a logged-in End-User at an RP. Different sid values are used to identify distinct sessions at an OP. The sid value need only be unique in the context of a particular issuer. Its contents are opaque to the RP. Its syntax is the same as an OAuth 2.0 Client Identifier.

OpenID Connect Back-Channel Logout is defined only for its use in Logout Token:* 2.4. Logout Token ... The following Claims are used within the Logout Token: ...

• sid OPTIONAL. Session ID - String identifier for a Session. This represents a Session of a User Agent or device for a logged-in End-User at an RP. Different sid values are used to identify distinct sessions at an OP. The sid value need only be unique in the context of a particular issuer. Its contents are opaque to the RP. Its syntax is the same as an OAuth 2.0 Client Identifier.

There has been a Proposal: Back-Channel Logout 1.0 should also clearly define sid for its use as ID Token claim.

Microsoft Active Directory#

Maybe you should look at SID for Security Identifier

More Information#

There might be more information for this subject on one of the following:

• Backchannel_logout_session_required
• Backchannel_logout_session_supported
• Frontchannel_logout_session_required
• Frontchannel_logout_session_supported
• Frontchannel_logout_uri
• Logout Token
• OpenID Connect Back-Channel Logout
• OpenID Connect Front-Channel Logout
• Openid-configuration