# connect2id_oauth-2.0-sdk-with-openid-connect-extensions

**Repository Path**: mirrors_community_bitbucket/connect2id_oauth-2.0-sdk-with-openid-connect-extensions

## Basic Information

- **Project Name**: connect2id_oauth-2.0-sdk-with-openid-connect-extensions
- **Description**: No description available
- **Primary Language**: Unknown
- **License**: Apache-2.0
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2021-06-04
- **Last Updated**: 2025-09-06

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# Nimbus OAuth 2.0 & 2.1 SDK with OpenID Connect extensions

Copyright (c) Connect2id Ltd., 2012 - 2025

This open source SDK is your starting point for developing OAuth 2.0 and OpenID Connect applications in Java. It is provided under the terms of the [Apache 2.0 license](https://www.apache.org/licenses/LICENSE-2.0).

## About OAuth 2.0 and 2.1

[OAuth 2.0](https://connect2id.com/learn/oauth-2) is an authorisation framework for a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner (the user), or by allowing the third-party application to obtain access on its own behalf. OAuth 2.0 is specified in [RFC 6749](http://tools.ietf.org/html/rfc6749) and its companion specifications.

[OAuth 2.1](https://connect2id.com/learn/oauth-2-1) is a [working draft](https://tools.ietf.org/html/draft-ietf-oauth-v2-1-09) that rolls the original OAuth 2.0 RFC and best practices established over the years into a simpler, safer and more streamlined authorisation framework.

## About OpenID Connect 1.0

[OpenID Connect 1.0](https://connect2id.com/learn/openid-connect) is a simple identity layer on top of the OAuth 2.0 framework. Relying parties (clients) can verify the identity of the user based on the authentication performed by an authorisation server, and obtain basic profile information about the user in an interoperable and REST-like manner.

OpenID Connect enables clients of all types, including Web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end-users. The specification suite is extensible, allowing optional encryption of identity data, discovery of OpenID Providers, and session management.

Go to the [OpenID Connect specifications](http://openid.net/connect/) for more details.

## Code examples

The SDK page on the Connect2id website has a section with [code examples](https://connect2id.com/products/nimbus-oauth-openid-connect-sdk/examples).

## Standards and drafts

This SDK version implements the following standards and drafts:

* The OAuth 2.0 Authorization Framework (RFC 6749)
* The OAuth 2.1 Authorization Framework (draft-ietf-oauth-v2-1-11)
* The OAuth 2.0 Authorization Framework: Bearer Token Usage (RFC 6750)
* OAuth 2.0 Token Introspection (RFC 7662)
* OAuth 2.0 Token Revocation (RFC 7009)
* OAuth 2.0 Authorization Server Metadata (RFC 8414)
* OAuth 2.0 Dynamic Client Registration Protocol (RFC 7591)
* OAuth 2.0 Dynamic Client Registration Management Protocol (RFC 7592)
* Assertion Framework for OAuth 2.0 Client Authentication and Authorization Grants (RFC 7521)
* JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC 7523)
* SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants (RFC 7522)
* Proof Key for Code Exchange by OAuth Public Clients (RFC 7636)
* Authentication Method Reference Values (RFC 8176)
* OAuth 2.0 Mutual TLS Client Authentication and Certificate Bound Access Tokens (RFC 8705)
* OAuth 2.0 Demonstrating Proof-of-Possession at the Application Layer (DPoP) (RFC 9449)
* Resource Indicators for OAuth 2.0 (RFC 8707)
* OAuth 2.0 Device Authorization Grant (RFC 8628)
* OAuth 2.0 Token Exchange (RFC 8693)
* OAuth 2.0 Incremental Authorization (draft-ietf-oauth-incremental-authz-04)
* The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR) (RFC 9101)
* OAuth 2.0 Pushed Authorization Requests (RFC 9126)
* OAuth 2.0 Authorization Server Issuer Identification (RFC 9207)
* OAuth 2.0 Rich Authorization Requests (RFC 9396)
* OpenID Connect Core 1.0 (2014-02-25)
* OpenID Connect Core Unmet Authentication Requirements 1.0 (2019-05-08)
* OpenID Connect Discovery 1.0 (2014-02-25)
* OpenID Connect Dynamic Registration 1.0 (2014-02-25)
* OpenID Connect Session Management 1.0 (2022-09-12)
* OpenID Connect RP-Initiated Logout 1.0 (2022-09-12)
* OpenID Connect Front-Channel Logout 1.0 (2022-09-12)
* OpenID Connect Back-Channel Logout 1.0 (2023-12-15)
* OpenID Connect Native SSO for Mobile Apps 1.0 - draft 07
* OpenID Connect Client Initiated Backchannel Authentication (CIBA) Flow - Core 1.0
* OpenID Connect Extended Authentication Profile (EAP) ACR Values 1.0 - draft 00
* OpenID Connect for Identity Assurance 1.0 - draft 12
* OpenID Federation 1.0 - draft 29
* Initiating User Registration via OpenID Connect 1.0 (2022-12-02)
* OAuth 2.0 Multiple Response Type Encoding Practices 1.0 (2014-02-25)
* Financial Services – Financial API - Part 1: Read Only API Security Profile (2021-03-12)
* Financial Services – Financial API - Part 2: Read and Write API Security Profile (2021-03-12)
* Financial-grade API: JWT Secured Authorization Response Mode for OAuth 2.0 (JARM) (2018-10-17)

## Questions or comments?

Email [Connect2id tech support](https://connect2id.com/contact#support).