To understand this API's various URL resources and the data they exchange, you need to familiarize yourself with these concepts:
- OpenID Connect (OIDC). An authentication protocol built on top of OAuth 2.0, designed to verify user identity and provide profile information in a standardized way. To learn more about OIDC, refer to the OIDC specification.
- Pushed Authorization Requests (PAR). An extension for OIDC that lets a client securely send the parameters of its authorization request directly to the authorization server via an HTTP POST. It addresses risks associated with sending sensitive parameters in the browser's URL during authentication and helps avoid URL length limits. For more details on PAR, refer to RFC 9126.
- Akamai MFA OIDC integration. With an OIDC integration, you can leverage OIDC to connect your identity provider (IdP) solution with Akamai MFA, providing the user with two-step authentication. First, the user needs to confirm their identity with your IdP system, for example, using their username and password. Next, the user has to confirm that the login is legitimate using one of the Akamai MFA second factors. You create an OIDC integration in Enterprise Center.
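
The PAR flow described above, as an added example that is not Akamai's code: an in-memory stand-in for an authorization server's PAR endpoint shows that only `client_id` and a short-lived, single-use `request_uri` reference pass through the browser. The `ParServer` class, the `as.example.com` and `rp.example.com` URLs, the `rp-client` identifier and the 60-second lifetime are assumptions made for illustration; the `request_uri` URN format follows RFC 9126.

```python
import secrets
import time
from urllib.parse import urlencode

URN_PREFIX = "urn:ietf:params:oauth:request_uri:"    # reference format from RFC 9126
AUTHZ_ENDPOINT = "https://as.example.com/authorize"  # placeholder, not an Akamai URL

class ParServer:
    """Hypothetical in-memory model of an authorization server's PAR endpoint."""

    def __init__(self, lifetime=60):
        self.lifetime = lifetime
        self.pending = {}  # request_uri -> (client_id, params, expiry)

    def push(self, client_id, params, now=None):
        """Back-channel POST: store the parameters and hand back a reference.
        A real endpoint authenticates the client first; client_id stands in for that."""
        if "request_uri" in params:
            raise ValueError("request_uri is not allowed inside a pushed request")
        now = time.time() if now is None else now
        uri = URN_PREFIX + secrets.token_urlsafe(32)  # unguessable reference
        self.pending[uri] = (client_id, dict(params), now + self.lifetime)
        return {"request_uri": uri, "expires_in": self.lifetime}

    def redeem(self, client_id, request_uri, now=None):
        """Front-channel arrival: resolve the reference exactly once."""
        now = time.time() if now is None else now
        entry = self.pending.pop(request_uri, None)  # pop enforces single use
        if entry is None:
            raise KeyError("unknown or already used request_uri")
        owner, params, expiry = entry
        if owner != client_id:
            raise PermissionError("request_uri was issued to another client")
        if now > expiry:
            raise TimeoutError("request_uri expired")
        return params

def browser_url(client_id, request_uri):
    """Build the only URL that travels through the user's browser."""
    query = urlencode({"client_id": client_id, "request_uri": request_uri})
    return AUTHZ_ENDPOINT + "?" + query

def demo():
    server = ParServer()
    params = {"response_type": "code", "scope": "openid",  # constructed sample request
              "redirect_uri": "https://rp.example.com/cb",
              "login_hint": "alice@example.com",
              "state": secrets.token_urlsafe(16)}
    resp = server.push("rp-client", params)
    return server, params, browser_url("rp-client", resp["request_uri"])
```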