What is OIDC (OpenID Connect)?
An identity layer on top of OAuth2 that provides user authentication.
OpenID Connect (OIDC) is an authentication protocol built on top of OAuth2. While OAuth2 handles authorization ('what can you do'), OIDC adds authentication ('who are you') via an ID Token (a JWT containing user claims like email and name). Kubernetes uses OIDC for user authentication and for IRSA (EKS pod-to-AWS role trust). GitHub Actions uses OIDC to authenticate to cloud providers without storing long-lived credentials as secrets.
More Security Terms
DevSecOps
Integrating security practices into every stage of the DevOps pipeline.
Falco
A runtime security tool that detects anomalous behavior in containers using eBPF/syscalls.
JWT (JSON Web Token)
A compact, self-contained token format for transmitting claims between parties.
mTLS (Mutual TLS)
Two-way TLS authentication where both client and server verify each other's certificates.
OAuth2
An authorization framework allowing third-party apps limited access to user accounts.
OPA (Open Policy Agent)
A general-purpose policy engine for enforcing authorization decisions across the stack.