Standards-based protocols

OAuth 2.0 and OIDC

Express uses both OAuth 2.0 and OpenID Connect protocols:

  • OAuth 2.0 provides authorized access to protected resources.
  • OpenID Connect (OIDC) provides an identity layer on top of OAuth 2.0.

OAuth 2.0 lets you set up access to your resources without sharing your account information. OpenID Connect lets a client application read basic information about a user over REST.

OAuth 2.0 works with different client types, as defined in RFC 6749.

