Single sign-on and federated identity on the web have long been a nightmare. Overly complex XML-based systems are hard to implement in an interoperable way. OAuth 2.0 seems like a good solution but was never built for authentication. As a consequence, many OAuth 2.0-based authentication systems are insecure.
Enter OpenID Connect. Designed for authentication and built on top of OAuth 2.0, OpenID Connect addresses many problems developers have struggled with over the years. This course positions OpenID Connect and explores how to authenticate end users against an identity provider. By applying these principles, you can significantly improve the architecture of your application.