Authentication with OpenID Connect Relying Party

Security Access Manager supports authentication with OpenID Connect (OIDC) Relying Party.

An OIDC Relying Party is an OAuth 2.0 Client application that requires user authentication and claims from an OpenID Connect Provider. Security Access Manager supports Relying Party (RP) as part of its support for the OAuth 2.0 and OpenID Connect (OIDC) specifications.

Deployment of a Relying Party requires knowledge of OIDC concepts, workflows, and endpoints. For an overview of the Security Access Manager support for OIDC, see the following topics:

An OpenID Connect (OIDC) Relying Party (RP) is an OAuth client plus an identity management layer. You can invoke an RP connection to Security Access Manager to log a user in to WebSEAL. In addition to basic RP functions, the Security Access Manager implementation of the Relying Party for use during authentication includes an initiation delegate, a reentry delegate, and a context object. The Security Access Manager RP uses the following Security Access Manager features:

The Security Access Manager RP supports the following OpenID Connect (OIDC) features: