Standards-based protocols

OAuth 2.0 and OIDC

Express uses both OAuth 2.0 and OpenID Connect protocols:

  • OAuth 2.0 provides authorized access to protected resources.
  • OpenID Connect (OIDC) provides an identity layer on top of OAuth 2.0.

OAuth 2.0 lets you set up access to your resources without sharing your account information. OpenID Connect lets a client application read basic information about a user over REST. For more information, see the ForgeRock Access Management OpenID Connect 1.0 Guide.

OAuth 2.0 works with different client types, as defined in RFC 6749.

For more information on how Express processes OAuth 2.0 and OpenID Connect flows, see the following Access Management documents: