Open ID Connect, or OIDC, is a mechanism for identity authentication. It is built on top of OAuth 2.0 and is used to establish and verify the identity of a user or service. OIDC is used throughout the Cloud Native world for workload identity federation. This allows your CI pipeline to obtain an API token for your cloud provider without the need to provision long-lived secrets. In this talk, you will learn the ins and outs of how OIDC works. You’ll understand the spec and how you can use machine identities to secure your workloads. You’ll also see examples of what’s possible with OIDC from open source projects like Kubernetes, SPIFFE/SPIRE, and Sigstore.