A relatively new protocol (ratified in February 2014), Connect is designed as an extension to the popular OAuth 2.0 protocol used in web service security. OpenID Connect adds an authentication and identity layer on top of the core OAuth 2.0 protocol allowing an application to authenticate a user and receive a token it can use for API calls via the same process. OpenID Connect is optimal for internal SSO, web application SSO and mobile SSO.