# Credify's OpenID Connect
# What's OpenID Connect?
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
access token, while OpenID Connect (OIDC) issues
ID token as well as
ID token has user's authorized claim values encoded.
Scope has many
claims, and each
claim will represent some data like email, phone, profile, etc.
# Available scopes in Credify
# Standard scopes
The following scopes are provided by Credify idX. When you use the Credify's OIDC with the following scopes, users will be able to determine whether or not they will give the permissions to your service. Each piece of data is represented as a claim, but OIDC clients can use scopes to specify which claims they want to receive.
| ||Indication of OpenID Connect to generate ID Token (required)|
| ||This will enable the OIDC clients to call userinfo API if endusers are not logged in|
| ||Phone number|
| ||Addresses associated blockchain accounts if any|
| ||KYC information|
Each scope has a
verified flag as well as the value.
# Custom claims
You can change the
role of your service to
claim provider in Credify Dashboard.
Claim provider can register new custom scopes to provide other participants with its data. Once you register your custom claims, you will need to call Credify's API to attach claim values to idX users, who are also users on your service. Then, other participants will be able to access the data you have shared with idX users.
# Scopes list
There is a list of available scopes in serviceX UI.
# The usage of
Users that go through OIDC will obtain
access token and
Access token allows you to call Credify's
userinfo API to retrieve the user's claim values. All the claim values are encrypted with your encryption public key (RSA key), so only your service can decrypt it.