Skip to content

Open Id Authentication

szabist edited this page Mar 24, 2021 · 2 revisions

Open ID Connect Authenticaion

Note

OpenId Authenticaion is enabled from SDK version 2.14

What is an Open ID Connect?

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. (Source)

When do you need Open ID Connect

Without OpenId authentication the Emarsys SDK uses contact identification. With this, you can identify your contact, but can't be sure, that no other contact could use the same identification.

With an authenticated user, the user can't be impersonated by someone else. It is sure, that the contact is always the same as the authenticated one.

How to use Open ID Connect from the Emarsys SDK?

To use an OpenId Token as the contact identification, there is no change required in the setup and initialization of the Emarsys SDK.

After the application setup is finished, you can use setAuthenticatedContactWithIdToken method, to identify your user, with an OpenId compliant token. Please note, that the idToken parameter is mandatory.

Note

Please refrain from the usage of both setContact and setAuthenticatedContact because they are mutually exclusive, once one is used, the other one is invalidated.