--- icon: shield-check label: OpenID Connect (OIDC) order: 100 expanded: false --- # VerifEye OpenID Connect Service VerifEye provides a specialized OpenID Connect (OIDC) service that enables biometric verification as an authentication factor within identity providers like Okta. This service acts as a bridge between your verification configurations and your user management system, allowing you to leverage VerifEye's biometric capabilities in a standardized authentication flow. ## Regional Availability The VerifEye OIDC service is available in two regions for optimal performance and data compliance: - **EU (Europe)**: `https://verifeye-oidc-eu.realeyes.ai/` - **US (United States)**: `https://verifeye-oidc-us.realeyes.ai/` Choose the region closest to your users or that aligns with your data residency requirements. ## Key Endpoints The OIDC service provides standard OpenID Connect endpoints for integration: | Endpoint | Path | Description | |----------|------|-------------| | **Authorization** | `/v1/openid/authorize` | Initiate authentication flow | | **Token** | `/v1/openid/token` | Exchange authorization code for tokens | | **JWKS** | `/v1/openid/jwks` | JSON Web Key Set for token verification | | **Verify Result** | `/v1/openid/verify-result` | Callback endpoint for verification results | ## Authentication Flow The service follows the standard OAuth 2.0/OIDC authorization code flow: 1. User is redirected to VerifEye authorization endpoint 2. Biometric verification is performed using your configured verification settings 3. Upon completion, user is redirected back to identity provider with authorization code 4. Identity provider exchanges the code for access and ID tokens 5. User authentication is complete ## Integration Guides Learn how to integrate VerifEye OIDC with popular identity providers: [!ref text="Okta Integration"](okta-integration.md) --- ## Additional Resources For detailed information about OpenID Connect specifications and best practices: - [OpenID Connect Specification](https://openid.net/connect/) - [OAuth 2.0 Authorization Framework](https://datatracker.ietf.org/doc/html/rfc6749) - [JWT Token Specification](https://datatracker.ietf.org/doc/html/rfc7519)