The Magic Behind OIDC - Understanding Open ID Connect for Workload Identity

Explore the intricacies of Open ID Connect (OIDC) in this 34-minute conference talk by Eddie Zaneski from Chainguard. Delve into the fundamentals of OIDC as an identity authentication mechanism built on OAuth 2.0, and discover its crucial role in workload identity federation within the Cloud Native ecosystem. Learn how OIDC enables CI pipelines to obtain API tokens for cloud providers without relying on long-lived secrets. Gain a comprehensive understanding of the OIDC specification and its application in securing workloads through machine identities. Examine practical examples of OIDC implementation in open-source projects such as Kubernetes, SPIFFE/SPIRE, and Sigstore, showcasing the technology's versatility and potential in enhancing security across cloud-native environments.

Who Are You? I Really Want to Know… the Magic Behind OIDC - Eddie Zaneski, Chainguard