The OpenID Connect module provides a pluggable client implementation for the OpenID Connect protocol.
The server implementation of the protocol is provided by OAuth2 Server.
What is OpenID Connect?
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.
What does the module do?
The module allows you to use an external OpenID Connect login provider to authenticate and log in users on your site. If a user signs in with a login provider for the first time on the website, a new Drupal user will be created.
Google for instance uses OpenID Connect to authenticate users across all of their services. Check out the OpenID Foundation's announcement of launching OpenID Connect.
For a more detailed description and instructions please refer to the documentation.
Supported login providers
Each login provider needs a client, represented by a ctools plugin, located in plugins/openid_connect_client/.
The module ships with two clients: Google and Generic.
Fetching user profile information
Basic user profile information stored by the login provider can be fetched upon login.
The OpenID Connect specification defines a set of standard Claims. Requested user profile information can be saved on the client site, mapping can be configured via a UI.
Sign in block
A standard Drupal block is available to sign in with the login providers for which clients are enabled. A single button is shown for each login provider.