5.13 OAuth and OpenID Connect

Access Manager Identity Server acts as an authorization server. It issues access tokens to a client application based on the user’s grant. A registered third-party client application uses API calls to retrieve the access token for accessing OAuth protected resources. For information about API calls, see the NetIQ Access Manager 5.0 Administration API Guide.

OpenID Connect implements a single sign-on protocol on top of the OAuth authorization process. It allows client applications to verify the identity of a user based on the authentication performed by Identity Server (authorization server). It also allows client applications to obtain a user’s basic profile information.