OpenID Connect Integration

Overview

The AAF supports OpenID Connect (OIDC) connectivity and operates an OpenID Provider (OP) which authenticates users who have an account at any AAF subscriber Identity Provider (IdP). This service is a production choice available to AAF subscribers to connect their OIDC services to the Federation.

What you’ll learn

  • Attributes and endpoints used for configuration
  • How to configure your service to skip the discovery service and log in directly through a specified IdP.

What you’ll need

  • Sufficient experience in undertaking OIDC integration work to create your own Relying Party (RP) components with minimal help from the AAF technical team.
  • Several open-source libraries implement most of the RP requirements in several languages. GitHub is an excellent resource, as is the OpenID Foundation.
  • Refer to the OpenID OIDC Overview and OpenID OIDC Terminology for further information.

The AAF does not offer support or advice in this area; the choice of library depends on the subscriber’s strengths and existing knowledge of OIDC integration.

All links in this tutorial are collated on the Links Page.