Authlib Authlib Authlib
    • Authlib OAuth, JOSE, OpenID, etc.
    • JOSE RFC JWS, JWE, JWK, and JWT.
    • OTP Auth One time password, HOTP/TOTP.
  • Sponsor me
/
  • latest
  • stable
  • v1.2.1
  • v1.2.0
  • v1.1.0
  • v1.0.1
  • v1.0.0
  • v0.15.5
  • v0.15.4
  • v0.15.3
  • v0.15.2
  • v0.15.1
  • v0.15
  • v0.14.3
  • v0.14.2
  • v0.14.1
  • v0.14
  • v0.13
  • v0.12.1
  • v0.12
  • v0.11
Authlib
Get a commercial license at authlib.org
  • Get Started
    • Introduction
    • Installation
    • Logging
  • OAuth Clients
    • OAuth 1 Session
    • OAuth 2 Session
    • OAuth for Requests
    • OAuth for HTTPX
    • Web OAuth Clients
    • Flask OAuth Client
    • Django OAuth Client
    • Starlette OAuth Client
    • FastAPI OAuth Client
    • Client API References
  • JOSE Guide
    • JSON Web Signature (JWS)
    • JSON Web Encryption (JWE)
    • JSON Web Key (JWK)
    • JSON Web Token (JWT)
  • OAuth & OpenID Connect
    • OAuth 1.0
    • OAuth 2.0
    • OpenID Connect
  • Flask OAuth Providers
    • Flask OAuth 1.0 Server
    • Flask OAuth 2.0 Server
  • Django OAuth Providers
    • Django OAuth 1.0 Server
    • Django OAuth 2.0 Server
  • Specifications
    • RFC5849: The OAuth 1.0 Protocol
    • RFC6749: The OAuth 2.0 Authorization Framework
    • RFC6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage
    • RFC7009: OAuth 2.0 Token Revocation
    • RFC7515: JSON Web Signature
    • RFC7516: JSON Web Encryption
    • RFC7517: JSON Web Key
    • RFC7518: JSON Web Algorithms
    • RFC7519: JSON Web Token
    • RFC7523: JWT Profile for OAuth 2.0 Client Authentication and Authorization Grants
    • RFC7591: OAuth 2.0 Dynamic Client Registration Protocol
    • RFC7592: OAuth 2.0 Dynamic Client Registration Management Protocol
    • RFC7636: Proof Key for Code Exchange by OAuth Public Clients
    • RFC7638: JSON Web Key (JWK) Thumbprint
    • RFC7662: OAuth 2.0 Token Introspection
    • RFC8037: CFRG Elliptic Curve Diffie-Hellman (ECDH) and Signatures in JSON Object Signing and Encryption (JOSE)
    • RFC8414: OAuth 2.0 Authorization Server Metadata
    • RFC8628: OAuth 2.0 Device Authorization Grant
    • OpenID Connect 1.0
  • Community
    • Funding
    • Support
    • Security Vulnerability
    • Contribution
    • Awesome Articles and Projects
    • Sustainable
    • Authors
    • Authlib Licenses
  • Changelog

On this page

  • Authorization Code Flow
  • Implicit Flow
  • Hybrid Flow
lepture/authlib 0 0
Edit this page
  • Authlib/
  • OAuth & OpenID Connect/
  • OpenID Connect/
  • OpenID Connect Core

OpenID Connect Core¶

This section is about the core part of OpenID Connect. Authlib implemented OpenID Connect Core 1.0 on top of OAuth 2.0. It enhanced OAuth 2.0 with:

  1. OpenIDCode extension for Authorization code flow

  2. OpenIDImplicitGrant grant type for implicit flow

  3. OpenIDHybridGrant grant type for hybrid flow

Authorization Code Flow¶

Implicit Flow¶

Hybrid Flow¶

Previous
Introduce OpenID Connect
Next
OpenID Connect Discovery

© 2017, Hsiaoming Ltd

Made with Sphinx and Shibuya theme.