OpenID Connect Flows

Deep dive guide throughout processes of obtaining Access Token in OpenID Connect.

In today’s text I will describe and explain OpenID Connect Flows. The processes of authentication described in OpenID Connect specification. As OpenID Connect is built upon OAuth part of the concepts below will have the same meaning as in case of OAuth. If you want to start your journey by reading about OAuth then here you can learn more.

Table of Content

· What is an OpenID Connect Flow?
· OpenID Connect Flows
· Flows Lexicon
∘ Authorization Code Flow
∘ Implicit Flow
∘ Hybrid Flow
· Summary

What is an OpenID Connect Flow?

Flow is OpenID Connect counterpart of OAuth Grant Type. It is a process of obtaining an Access Token. It describes the exact sequence of steps involved in handling a particular request. Flow affects how applications involved in handling particular requests communicate with one another.

Everything is more or less similar to Grant Types from OAuth. However there is a slight difference in how the abstract protocol works in OpenID Connect.