Configuring OIDC Authentication Clients
OpenID Connect (OIDC) is a distributed authentication framework built on top of OAuth2. OIDC and OAuth2 are large specifications covering a wide variety of authorization and authentication use cases, and a complete explanation of OIDC is beyond the scope of this document. See the external resources below for references to the applicable specifications.
A simple, typical OIDC authentication flow follows these steps:
- An end user requests access to a protected resource on a website that has been configured as an OIDC Relying Party (or OIDC client).
- The website redirects the end user's browser to an OIDC provider that has been configured to authenticate requests for the requested resource.
- The OIDC provider validates the user's authorization status (possibly by requiring login).
- The OIDC provider responds to the browser with an authorization grant.
- The end user's browser sends the authorization grant to the website (relying party).
- The website validates the authorization grant and returns the protected resource the user originally requested.
Many variations of this flow are possible, as described in the OIDC specifications, but all of them require prior configuration of the OIDC Provider and the OIDC Relying Party. That prior configuration is known as "client registration", and it results in an OIDC provider and an OIDC relying party that can communicate in any supported authentication scenario.
These OIDC specifications are implemented in the Titania Delivery OIDC authentication framework.