4.1. Implementation via OpenID Connect (OIDC)

This section will introduce you to the technical aspects of the implementation of MojeID into web applications via the OpenID Connect protocol.

We recommend to study this text in order to properly understand the principles and processes of MojeID / OpenID Connect. Most of the things described here can be solved by using available libraries for the implementation of OpenID Connect that we recommend to use.

The Implementation Process Overview section will take you through the implementation process step by step. Other sections describe the individual steps in more details.

The official specification of the OpenID Connect protocol can be found at https://openid.net/specs/openid-connect-core-1_0.html.

MojeID server publishes basic information about OIDC configuration at https://mojeid.cz/.well-known/openid-configuration/.

You can test your implementation using the MojeID Test Instance.

The list of data that can be transferred by the protocol (including their identifiers) is available in the Appendix 1 – List of Data to be Handed Over (OpenID Connect).

Examples and solutions of error messages can be found in the Appendix 6 – Examples and Solution of Error Messages.

Note

All the examples of source code listed below illustrate implementation in Python using the pyoidc library.

Tree of Content

• 4.1.1. Overview of Libraries and Modules
• 4.1.2. Implementation Process Overview
• 4.1.3. Client Registration
  • 4.1.3.1. Manual registration
  • 4.1.3.2. Automatic Registration
    • 4.1.3.2.1. Information about Registration
    • 4.1.3.2.2. Registration Change
• 4.1.4. Requesting Login via MojeID
• 4.1.5. Initiation
• 4.1.6. Requesting Identity Authentication
• 4.1.7. Performing Authentication
• 4.1.8. Response to Authentication
• 4.1.9. Requesting Token
• 4.1.10. Requesting Data
• 4.1.11. MojeID LITE Library
• 4.1.12. Identity verification request with a NIA-paired account