What is OpenID connect?
OpenID Connect lets developers authenticate their users across websites and apps without having to own and manage password files. It is an interoperable authentication protocol based on the OAuth 2.0 family of specifications. It uses a straightforward REST/JSON message flow with a design goal of simplification. It makes it easy for developers to integrate compared to previous identity protocols.
OpenID Connect allows for clients of all types, including browser-based JavaScript and native mobile apps, to launch sign-in flows and receive verifiable assertions about the identity of signed-in users.
The digital handshake
(Identity, Authentication) + OAuth 2.0 = OpenID Connect
OpenID Connect is like a digital handshake, connecting services and authenticating the existing records associated with the consumer making the request. OpenID Connect allows companies to log into an existing account in order to confirm the identity of an existing consumer. It authenticates whether a person is associated with a record that your company already has on them. This resolves the need to validate requests that come in from consumers, confirms whether the person making the request is a real person and not a bot, and determines if the person has the authority to access the account.
Leveraging single sign-on (SSO) authentication for consumer and data subject request webforms allows the system data to confirm that the person requesting access has an account. This makes identity verification so much easier and faster.
OpenID connect advantages for the California Consumer Privacy Act (CCPA) ID verification compliance
Under the CCPA, California residents have the right to submit consumer requests for their personal information, as well as the right to delete or opt-out of the sale of their personal information. Included in these rights is the requirement that organizations processing these requests for personal information verify the identity of the person making the request.
OIDC customization advantages that benefit organizations during set up include:
- Full control over verification steps and the user interface, maintaining an excellent customer experience
- A lightweight, widely supported solution
- An ideal option for more complex ID verification processes, such as selfie scans, device fingerprinting, ID scan, and existing authentication frameworks
It is important to note that OneTrust currently can only support integration partnerships with identity providers (IdP) that can leverage the implicit grant type.
OpenID connect in practice
Logging into your account is as simple as logging into a Google account. Instead of creating a whole new account with brand new information that you must manually enter, OpenID Connect prepopulates the information you allow the account to use. This makes the user experience that much more seamless and bypasses an administrative step.
OpenID Connect is a huge timesaver, elevating the quality of the consumer and data subject requests and streamlining the process for responding.
Conclusion
OpenID Connect is a huge timesaver and will improve the quality of your data while helping you maintain compliance with privacy laws like the CCPA and GDPR. To learn more, request a demo today.
