Skip to content
Connect2id
Connect2id server

Minimal or fully customised OpenID Connect server - the choice is yours

Practical digital identity has to be simple and reliable, yet also flexible enough to cover all typical real-world applications.

Organisations differ, and so do the ways in which they authenticate users, attribute authorisations to them and then consume the resulting identity data. With that understanding in mind we figured out that a one-size-fits-all OpenID Connect server will do poorly in practice, when concrete customer cases need to be faced.

What can you expect from the Connect2id server?

The basics fully covered

Number one - a simple OpenID Connect server that works straight out of the box and ticks all the important boxes. We expect that for many clients the stock version will be sufficient; they would not need to do anything more.

Extend or customise where necessary

Should your business have a particular requirement that is not covered in the stock version, the Connect2id server provides plenty of ways to fit in.

For example:

  • Fully customisable login, consent and authorisation management pages. You can stick with the default login pages, or you can design your own to suit the appearance of your company identity or customise the user experience in the browser / mobile device. Moreover, the UI pages can be hosted on any server, at any URL, written in any language such Java/JSP, PHP, RoR, etc.

  • Pluggable authentication. LDAP - based username / password is supported authentication out of the box. You are free to replace it with your preferred authentication mechanism, or add additional factors such as biometrics or token devices to achieve 2FA.

  • User sessions. The user sessions with the OpenID Connect server can be configured to match your policies for session duration, idle time and maximum number of associated browsers / devices.

  • Support additional scopes for other OAuth 2.0 applications. The access token issued by the OpenID Connect server can be furnished with additional scopes, beyond the standard ones, to grant users access to other protected resources, and not just the OIDC UserInfo endpoint. The scopes attached to the token can be explicitly or implicitly consented to, based on your user / application / other policy.

  • Include custom claims in the ID Token: The ID token issued by OpenID Connect can be set to include additional arbitrary claims, such as details of the authentication event (IP address, geolocation) and user attributes.

  • Custom claims sources The Connect2id server supports LDAP - based claims sources (for UserInfo etc) out of the box. Should you need to integrate additional sources, the server offers a simple API for that, which is also published as open source code.

Get in touch with us to find out more about OpenID Connect and how you can utilise it in your business. We would be glad to help.