What is OpenID Connect based on?

OpenID Connect is based on the OAuth 2 specification, which allows it to provide a framework for authentication built on top of OAuth 2's authorization capabilities. The design of OpenID Connect extends OAuth 2.0 to include identity and user information, enabling applications to securely verify the identity of users and obtain their profile information.

This relationship allows developers to implement single sign-on (SSO), leveraging OAuth 2’s token structure while adding standardized identity features. By using OAuth 2.0 as its foundation, OpenID Connect integrates easily with existing OAuth implementations while meeting the needs for a modern authentication protocol.

The other options, such as OAuth 1.0, SAML 2.0, and WS-Federation, represent different authentication and authorization models that do not provide the specific framework or capabilities that OpenID Connect implements. Each of those protocols has its own distinct structure and use cases, separate from the OAuth 2 foundation that OpenID Connect builds upon.