HomeAPI ReferenceGuidesDiscussions
API Reference

OpenIdProvider

OpenID Connect JSON Web Token

OttoLearn supports single sign-on (SSO) for our desktop and mobile apps through OpenID Connect.

If you're interested in using this feature, contact our support team.

ID Token
Full specification: http://openid.net/specs/openid-connect-core-1_0.html#IDToken

The ID Token is a security token formatted as a JWT (JSON Web Token) that is used to assert claims about a user to OttoLearn.

Required Fields
Authentication Claims:
iss - Issuer is a URL using the https:// schema (Eg. https://example.com)
sub - Subject is a locally unique identifier for the user that is never reassigned (Eg. User Id or UUID)
aud - Audience is the name of the client that the ID token is for (Eg. otto-learner-web-client or otto-admin-web-client)
exp - Expiration time on or after which the ID Token MUST NOT be accepted. Number of seconds since unix epoch
iat - The time at which the ID Token was issued. Number of seconds since unix epoch

User Profile Claims:
preferred_username - The username of the user
email - The email address of the user
email_verified - Is the email address verified

{
    "iss": "https://example.com",
    "sub": "2134913",
    "aud": "otto-learner-web-client",
    "exp": 1519655938,
    "iat": 1519655960,

    "preferred_username": "john.smith",
    "email": "[email protected]",
    "email_verified": true
}

ID Token Signing and Encryption
The ID Token MUST be signed and may optionally be signed and encrypted using any supported JWA format.

The above ID Token example signed as a JWT with the HS256 algorithm using the preshared key 'secret'

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tIiwic3ViIjoiMjEzNDkxMyIsImF1ZCI6Im90dG8tbGVhcm5lci13ZWItY2xpZW50IiwiZXhwIjoxNTE5NjU1OTM4LCJpYXQiOjE1MTk2NTU5NjAsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4uc21pdGgiLCJlbWFpbCI6ImpvaG4uc21pdGhAZXhhbXBsZS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZX0.R1f7PggR1bt92LSM9rCSa52TjIRIwrTv3Xqt8RB6qvM

Passing ID Token to client (Implicit Flow)

https://neotest.mlearn.io/Admin/#id_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tIiwic3ViIjoiMjEzNDkxMyIsImF1ZCI6Im90dG8tbGVhcm5lci13ZWItY2xpZW50IiwiZXhwIjoxNTE5NjU1OTM4LCJpYXQiOjE1MTk2NTU5NjAsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4uc21pdGgiLCJlbWFpbCI6ImpvaG4uc21pdGhAZXhhbXBsZS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZX0.R1f7PggR1bt92LSM9rCSa52TjIRIwrTv3Xqt8RB6qvM

https://neotest.mlearn.io/Client/Login/login.html#id_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2V4YW1wbGUuY29tIiwic3ViIjoiMjEzNDkxMyIsImF1ZCI6Im90dG8tbGVhcm5lci13ZWItY2xpZW50IiwiZXhwIjoxNTE5NjU1OTM4LCJpYXQiOjE1MTk2NTU5NjAsInByZWZlcnJlZF91c2VybmFtZSI6ImpvaG4uc21pdGgiLCJlbWFpbCI6ImpvaG4uc21pdGhAZXhhbXBsZS5jb20iLCJlbWFpbF92ZXJpZmllZCI6dHJ1ZX0.R1f7PggR1bt92LSM9rCSa52TjIRIwrTv3Xqt8RB6qvM