THXNET. White Paper
  • THXNET. Introduction
  • THXNET. Overview
    • Blockchain Layer
    • Application Layer
    • Data Mesh Layer
  • Hybrid Web3-as-a-Service
  • OpenID Connect
  • Data Mesh
  • Web3 + Data Mesh
  • ID-Wallet and Interoperability
    • Advanced Models of ID-Wallet
  • Hybrid Tokenization & Interoperability
  • Connect2Earn and Share2Earn
  • Layered DAO
    • Leafchain Box
  • Tokenomics
  • Development and Operation
  • Sandbox
  • Roadmap
  • Future Works
  • Launched Services
  • FAQ
  • Update History
Powered by GitBook
On this page
  • Standard Protocol Overview
  • Conventional Authentication Flow
  • THXNET.'s Self-Sovereign Authentication Model

OpenID Connect

PreviousHybrid Web3-as-a-ServiceNextData Mesh

Last updated 13 days ago

Standard Protocol Overview

OpenID Connect (OIDC) is an authentication protocol that extends the OAuth 2.0 authorization framework. This industry-standard protocol enables third-party applications (OIDC Clients) to verify end-user identities and obtain basic profile information through secure, standardized procedures.

Common implementations of this protocol include the familiar "Sign in with Google" or "Sign in with Facebook" authentication options present across numerous digital platforms.

Conventional Authentication Flow

The standard OIDC implementation (typically following the Hybrid Flow model) proceeds through these sequential steps:

  1. The end-user initiates authentication by attempting to access a secure resource within the client application.

  2. The client application redirects the end-user to the designated authorization server.

  3. The end-user authenticates with the authorization server by providing valid credentials, typically username and password.

  4. The end-user reviews and either accepts or declines the client application's request to access specific personal information.

  5. Upon successful authentication and authorization, the authorization server transmits an authorization code to the client application.

  6. The client application exchanges this authorization code for both an access token and an ID token from the authorization server.

  7. The client application validates the ID token, extracts the user's identity information, and establishes an authenticated session for the end-user, granting access to protected resources.

This methodology allows client applications to delegate authentication responsibilities to trusted identity providers, reducing credential management complexity and enhancing overall security posture.

THXNET.'s Self-Sovereign Authentication Model

THXNET. transforms this paradigm by empowering end-users to function as their own authorization servers. Our platform encourages client applications to utilize the end-user's address as the primary identifier for user data records within their services and databases.

Within this framework, end-users maintain complete autonomy over their personal information, including:

  • Selective disclosure of personal information to service providers

  • Self-management of personal information updates

  • Direct information distribution to authorized client applications (typically organizations operating on Leafchains)

  • Capability to revoke previously granted information access privileges from any organization or business at any time

This self-sovereign approach represents a fundamental shift in digital identity management, placing control firmly in the hands of individual users while maintaining compatibility with existing application infrastructures.

ID-Wallet