OpenID Connect (OIDC) is an identity layer built on top of the OAuth 2.0 protocol, enabling clients to verify the identity of the end-user based on the authentication performed by an authorization server. The following terms are part of OpenID Connect terminology:
* Claims: These are pieces of information about the user (e.g., name, email, etc.) that are returned in the ID token or userinfo response. Claims represent the attributes of the authenticated user and are essential for conveying identity information.
* Scope: This defines the level of access requested by the client application. In OpenID Connect, scopes are used to specify what claims should be returned in the ID token or userinfo response. For example, theopenidscope is required for OpenID Connect authentication, while additional scopes likeprofileor emailcan request more user details.
The other options are not directly part of OpenID Connect terminology:
* Metadata: While metadata exists in the context of OpenID Connect (e.g., provider configuration metadata), it is not a core term within the protocol itself.
* Assertion: This term is more commonly associated with SAML (Security Assertion Markup Language) rather than OpenID Connect.
SAP Customer Data Cloud References:
* SAP Customer Data Cloud supports OpenID Connect as part of its identity management capabilities.
The platform allows integration with OIDC-compliant identity providers.
* Official SAP Documentation:SAP Customer Data Cloud - OpenID Connect Integration.
* OpenID Connect Core Specification:OpenID Connect Core 1.0.