OpenID Connect allows your application to verify the identity of a user and obtain basic profile information, known as claims, using a third-party authorisation service.
For example, a user can choose to sign in using their Google account. They would then be forwarded to a Google sign-in page and, on successful authorisation, their credentials would be passed back to your application.
The OpenID Connect protocol builds on OAuth 2.0 so to use OpenID Connect authentication you must first create an OAuth Configuration that connects to your OpenID Connect provider.
To configure OpenID Connect authentication, choose Use OpenID Connect under User Authentication Options and create a new OpenID Connection. For more information see here.
You can use the OAuth Scope Override to request additional user information as defined by the authorisation service.
When configuring an OpenID Connect connection you must specify the claim that contains the unique user identifier. This value will be assigned to the USERID field.
Optionally, you can configure an OpenID Connect connection to automatically create user Credentials from the returned claims and can be retrieved using the Security Manager.