
Hi,

Yet another map! This time it is not Azure-specific, although the map has some touch points with Azure Active Directory v1 and Microsoft Identity Platform (v2 endpoints). During my consulting activities, I have realized that OAuth 2.0 and even more OIDC remain quite largely unknown or misunderstood. This map is aimed at describing the OIDC landscape (flows, endpoints, etc.) and when to use what. It is a high-level representation including some remarks.

As usual, this map is by no means the holy grail and is just there to highlight some key areas to look at when starting a modern authentication journey. It is also not related to a specific Identity Provider.

As usual, here is a screenshot of the map: The OIDC Map.png

The map focuses on the following areas:

  • Endpoints
  • Flows
  • Token Types
  • Channels
  • Authorization aspects

How to read this map?

Whenever you see the attachment icon (attachicon.png), it means that I have attached an explanation of a given rationale or service. If you see this icon (attention.png) next to a node, it means that I have attached must-read information.

Here is the pointer to the map:

v1.0 (01/2020): https://app.mindmapmaker.org/#m:mm18d44ff30c7945ca98068d0d0429a696

1 Comment

Great map - thanks for sharing! Perhaps make it slightly clearer by adding the text "Authorization Code Flow" next to PKCE for SPAs?