Omnibasis Platform supports a number of OpenID Connect and OAuth 2.0 services.


Visit this link to discover OpenID endpoints: https://api.omnibasis.com/.well-known/openid-configuration 


Authentication as a Service

Centralized login logic and workflow for all of your applications (web, native, mobile, services). 


Single Sign-on / Sign-out

Single sign-on (and out) over multiple application types.

Access Control for APIs

Issue access tokens for APIs for various types of clients, e.g. server to server, web applications, SPAs and native/mobile apps.

Federation Gateway

Support for external identity providers like Azure Active Directory, Google, Facebook etc. This shields your applications from the details of how to connect to these external providers.


Supported Specifications

Omnibasis implements the following specifications:


OpenID Connect

  • OpenID Connect Core 1.0 (spec)
  • OpenID Connect Discovery 1.0 (spec)
  • OpenID Connect Session Management 1.0 - draft 28 (spec)
  • OpenID Connect Front-Channel Logout 1.0 - draft 02 (spec)
  • OpenID Connect Back-Channel Logout 1.0 - draft 04 (spec)

OAuth 2.0

  • OAuth 2.0 (RFC 6749)
  • OAuth 2.0 Bearer Token Usage (RFC 6750)
  • OAuth 2.0 Multiple Response Types (spec)
  • OAuth 2.0 Form Post Response Mode (spec)
  • OAuth 2.0 Token Revocation (RFC 7009)
  • OAuth 2.0 Token Introspection (RFC 7662)
  • Proof Key for Code Exchange (RFC 7636)
  • JSON Web Tokens for Client Authentication (RFC 7523)
  • OAuth 2.0 Device Authorization Grant (RFC 8628)
  • OAuth 2.0 Mutual TLS Client Authentication and Certificate-Bound Access Tokens (draft)