OIDC (OpenID Connect) is an authentication layer built on OAuth 2.0 that standardizes how an application confirms a user’s identity and retrieves basic profile claims (such as subject ID and email). It solves the common problem where OAuth alone can grant an app permission to access an API but does not reliably prove who the user is. In a typical flow, the user authenticates with an identity provider, and the app receives an ID token, usually a signed JWT (JSON Web Token), that the app validates to confirm the user, plus optional access tokens for calling protected APIs. With OIDC, teams get consistent single sign-on behavior, centralized policy, and uniform token validation across web apps and services; without it, each app tends to implement login differently, increasing security gaps, audit friction, and operational overhead during key rotation and incident response.