Federation

OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It enables clients to verify the identity of the user as well as obtain basic profile information about the user. The Extended Authentication Profile (EAP) ACR Values enable relying parties to request that the authentication server perform phishing-resistant authentication or phishing-resistant authentication with a hardware-protected key. The authorization server can satisfy these policies by using W3C scoped credentials (WebAuthn) or FIDO authenticators.