Anyone With information on the support for "Open ID Connect" in the NeXT release of Oracle Access Manager?
- dates GA / rolled out ?
- support for all flows :
- Authorisation code flow — the most commonly used flow, intended for traditional web apps as well as native / mobile apps. Involves an initial browser redirection to / from the OP for user authentication and consent, then a second back-channel request to retrieve the ID token. This flow offers optimal security, as tokens are not revealed to the browser and the client app can also be authenticated.
- Implicit flow — for browser (JavaScript) based apps that don’t have a backend. The ID token is received directly with the redirection response from the OP. No back-channel request is required here.
- Hybrid flow — rarely used, allows the app front-end and back-end to receive tokens separately from one another. Essentially a combination of the code and implicit flows.
Source: https://connect2id.com/learn/openid-connect
Thank you.