OIDC

Also known as: OpenID Connect

A modern SSO standard built on OAuth 2.0 — like SAML but uses JSON instead of XML, designed for both web and mobile apps.

OIDC — OpenID Connect — is a modern authentication standard built on top of OAuth 2.0. Like SAML, it enables Single Sign-On. Unlike SAML, it uses JSON rather than XML and is designed for both web applications and mobile apps.

If SAML is the enterprise SSO standard, OIDC is the modern web standard. Consumer apps (Sign in with Google, Sign in with Apple) use OIDC. Many newer enterprise applications prefer it as well.

The practical distinction: SAML and OIDC accomplish the same goal — SSO — but OIDC is lighter weight, easier to implement, and better suited to modern applications and mobile. Most identity providers support both.

When setting up SSO for a new application, you'll be asked which protocol it supports. SAML is the safe default for legacy enterprise apps; OIDC is increasingly common in newer products. Knowing which one you're working with matters for troubleshooting: a failed SAML assertion and a failed OIDC token exchange fail differently and require different investigation. In the OIDC case, the relying party receives a JSON-based ID token from the identity provider and rejects it when the signature, issuer, audience, expiry, or nonce does not check out, so those are the fields to inspect first.
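To make the OIDC side of that troubleshooting concrete, here is an added example (not code from the original page or from any identity product) of the checks a relying party performs on an ID token and the distinct reasons each one can fail. It uses HS256 with a constructed client secret so it runs offline with only the standard library; real deployments usually verify RS256 signatures against the provider's published JWKS keys instead. The issuer URL, client id, secret and claim values are all constructed for the example.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed values for the example; a real relying party gets these from its
# registration with the identity provider.
ISSUER = "https://idp.example.com"
CLIENT_ID = "example-relying-party"
CLIENT_SECRET = b"constructed-client-secret-do-not-reuse"
SAMPLE_CLAIMS = {
    "iss": ISSUER,
    "sub": "user-123",
    "aud": CLIENT_ID,
    "iat": 1700000000,
    "exp": 1700000600,
    "nonce": "n-abc",
}


def b64url_encode(data: bytes) -> str:
    """JWT-style base64url without padding."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Inverse of b64url_encode; restores the stripped padding first."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_id_token(claims: dict, key: bytes) -> str:
    """Build an HS256-signed ID token (header.payload.signature)."""
    header = {"alg": "HS256", "typ": "JWT"}
    compact = lambda obj: json.dumps(obj, separators=(",", ":")).encode()
    signing_input = b64url_encode(compact(header)) + "." + b64url_encode(compact(claims))
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(sig)


def validate_id_token(token: str, key: bytes, expected_issuer: str,
                      client_id: str, expected_nonce: str, now: float = None):
    """Return (ok, reason, claims). Each failure names the check that rejected the token."""
    now = time.time() if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        return False, "malformed: expected header.payload.signature", None
    header_b64, payload_b64, sig_b64 = parts

    try:
        header = json.loads(b64url_decode(header_b64))
    except (ValueError, json.JSONDecodeError):
        return False, "malformed: header is not base64url JSON", None
    # Pin the algorithm: never let the token choose (this also rejects alg "none").
    if header.get("alg") != "HS256":
        return False, f"unexpected alg {header.get('alg')!r}", None

    expected_sig = hmac.new(key, f"{header_b64}.{payload_b64}".encode(),
                            hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, b64url_decode(sig_b64)):
        return False, "signature mismatch", None

    claims = json.loads(b64url_decode(payload_b64))
    if claims.get("iss") != expected_issuer:
        return False, f"iss mismatch: got {claims.get('iss')!r}", None
    aud = claims.get("aud")
    audiences = aud if isinstance(aud, list) else [aud]
    if client_id not in audiences:
        return False, f"aud mismatch: token is for {audiences!r}", None
    if not isinstance(claims.get("exp"), (int, float)) or now >= claims["exp"]:
        return False, "expired or missing exp", None
    if claims.get("nonce") != expected_nonce:
        return False, "nonce mismatch (possible replay or wrong session)", None
    return True, "ok", claims


if __name__ == "__main__":
    token = mint_id_token(SAMPLE_CLAIMS, CLIENT_SECRET)
    print(validate_id_token(token, CLIENT_SECRET, ISSUER, CLIENT_ID, "n-abc", now=1700000300))
    print(validate_id_token(token, CLIENT_SECRET, ISSUER, "other-app", "n-abc", now=1700000300))
```

The `reason` string is what you would log on the relying-party side: a signature mismatch points at a key or provider mix-up, an `aud` mismatch at a misregistered client id, and an expiry failure at clock skew or a stale token, each of which is investigated differently from a SAML assertion problem.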