Mobile and cloud have changed the needs of enterprise security

Mobile applications and cloud services have presented the enterprise with new security challenges. In order to meet the challenges, a new generation of identity protocols such as OpenID Connect 1.0 have been developed  — built using the same building blocks as the modern applications architectures they must secure — REST APIs and JSON.

OpenID Connect 1.0 profiles and extends OAuth 2.0 to add an identity layer — creating a single framework that promises to secure APIs, mobile native apps and browser applications in a single, cohesive architecture.

This paper:

• Introduces OpenID Connect (Connect)

• Discusses Connect’s features

• Highlights Connect’s applicability to enterprise use cases