The OpenID Connect (OIDC) Architecture Map
Published Jan 21 2020 01:51 AM

Hi,

 

Yet another map! This map is part of my series of Architecture Maps:

 

This time it is not Azure specific, although the map has some touch points with Azure Active Directory v1 and Microsoft Identity Platform (v2 endpoints). During my consulting activities, I have realized that OAuth 2.0 and, even more so, OIDC remain largely unknown or misunderstood. This map is aimed at describing the OIDC landscape (flows, endpoints, etc.) and when to use what. It is a high-level representation including some remarks.

As usual, this map is by no means the holy grail and is just there to highlight some key areas to look at when starting a modern authentication journey. It is also not related to a specific Identity Provider.

As usual, here is a screenshot of the map: [image: The OIDC Map.png]

The map focuses on the following areas:

  • Endpoints
  • Flows
  • Token Types
  • Channels
  • Authorization aspects

How to read this map?

 

Whenever you see the attachment icon, it means that I have attached an explanation of a given rationale or service. If you see the attention icon next to a node, it means that I have attached must-read information.

Here is the pointer to the map:

v1.0 (01/2020) https://app.mindmapmaker.org/#m:mm18d44ff30c7945ca98068d0d0429a696

Here are all my Architecture Maps:

3 Comments
Copper Contributor

Great map - thanks for sharing! Perhaps make it slightly clearer by adding the text "Authorization Code Flow" next to PKCE for SPAs?

Brass Contributor

Thanks for sharing :smile:

Microsoft

@leftside, thank you for the feedback! This is helpful.

Last update: Mar 27 2020 01:46 PM