End-user Identity for Apps and APIs
Signup and login with a Google, Yahoo, or Microsoft account can be found in more and more web and mobile apps. One login used by many, freeing the end-user from the burden of managing many accounts and passwords. Signup and login to a new app becomes so smooth and convenient, that end-users are much more likely to try a new app.
For us developers of web and mobile apps, these signup and login features are attractive, too: we do not need to manage user credentials, and we get a higher conversion rate resulting in more new customers. In effect, this means cutting costs and increasing the number of new customers for our apps.
So how does this feature “Signup and login with Google, Yahoo, or Microsoft” work? It is realized with OpenID Connect, a standardized protocol for sharing end-user data in a secure and controlled manner. Exploring how OpenID Connect works, so we as developers can enjoy its benefits is the subject of this book.
This book explains the overall concept of OpenID Connect, so we understand who the actors are, which endpoints and tokens are involved and how these elements interact in so-called flows. These flows tend to get confusing, so we visualize these flows as sequence diagrams, and show how to choose the flow that is appropriate for a given scenario. Using examples, we explore how the tokens are constructed, signed and encrypted with JWT, JWS, and JWE.
In short, we study OpenID Connect, so we can get our app to work with OpenID Connect. And OpenID Connect is the standard behind creating smooth login and signup experiences, increasing the customer signup rate, and creating highly converting apps.
The API-University Series is a modular series of books on API-related topics. Each book focuses on a particular API topic, so you can select the topics within APIs, which are relevant to you.
Keywords: OpenID Connect, REST, API, JWT, Token, Identity, OAuth
Title: OpenID Connect – End-user Identity for Apps and APIs