Where to begin with OIDC and SIOP

and how today’s most powerful authentication mechanisms can be decentralized

What is OpenID & OpenID Connect

The first seeds of OpenID sprouted at the very first Internet Identity Workshop in 2005. All the companies interested in URL-based protocols got together and collaborated on their various models for authenticating users against URLs they controlled, like their personal blogs. This protocol has evolved, and the latest iteration is based on sophisticated OAuth (Open Authorization) standards and tooling.

OpenID Login Flow

How do decentralized identity systems work?

In this conceptual framework, the “Identity Provider” has been cut down a notch, and is instead referred to as a mere “Issuer” (of credentials and information, perhaps of identities over which it has less control). Similarly, the “user” is defined less by borrowed tools and more by owned ones, assuming the title of “Holder” of information and identity, whether issued or self-issued. The “verifier” relies less on the identity provider, choosing instead to verify information and identities presented by their holder on their own terms (with some cryptographic assurances about the issuer).

How OpenID and Decentralized ID can fit together

One of the big challenges for any new technology that needs an identity system is getting adoption of the needed components so the system can actually work at a sustainable scale. This usually requires buy-in from various kinds of actors in an ecosystem: at the very least, it needs a critical mass of users/holders, IPs/issuers, and RPs/verifiers, each maintaining their end of the infrastructure and “keeping the lights on,” as it were.

Further Reading

The purpose of the DID Authentication Working Group at DIF is to design, recommend, and implement authentication protocols that rely on open standards and cryptographic protocols tailored to today’s and tomorrow’s systems for handling DIDs and DID documents, the primitives of decentralized identities. In the last six months, the group has been actively working on the OIDC bridge, and they presented their latest work at DIF’s June 2020 virtual “face to face” meeting:



DIF is building decentralized identity technology and standards

