Use an OpenID Connect provider as an OAuth 2.0 authorization server
An OpenID Connect provider can be used as a normal OAuth 2.0 authorization provider to issue an OAuth 2.0 access_token, and support all OAuth 2.0 grant types.
An OpenID Connect provider supports JSON Web Token (JWT) Bearer Token as a grant for requesting an OAuth 2.0 access token, see
JSON Web Token (JWT) for OAuth Client Authorization Grants
andConfiguring an OpenID Connect Provider to accept JSON Web Tokens (JWT) for authorization grants
.If an authorization request is made with an authorization code grant or implict grant type, and if openid scope is not included or approved, the request is handled as a normal OAuth authorization request. An id_token is not issued, and an access_token and refresh_token can be issued.
An OpenID Connect provider can support OAuth authorization flow with Resource Owner Password Credentials Grant or Client Credentials Grant , see
Configuring an OpenID Connect Provider to enable 2-legged OAuth requests
.
Subtopics
JSON Web Token (JWT) for OAuth Client Authorization Grants
JWT for OAuth Client Authorization Grants enables a client to send a signed JWT token to the OpenID Connect Provider in exchange for an OAuth 2.0 access token.
Parent topic:Configure an OpenID Connect Provider