diff --git a/samples/OpenIdConnectSample/Startup.cs b/samples/OpenIdConnectSample/Startup.cs
index 546d1f7640..9d14dd0b53 100644
--- a/samples/OpenIdConnectSample/Startup.cs
+++ b/samples/OpenIdConnectSample/Startup.cs
@@ -21,6 +21,8 @@ namespace OpenIdConnectSample
{
loggerfactory.AddConsole(LogLevel.Information);
+ app.UseIISPlatformHandler();
+
app.UseCookieAuthentication(options =>
{
options.AutomaticAuthenticate = true;
@@ -31,8 +33,9 @@ namespace OpenIdConnectSample
options.ClientId = "63a87a83-64b9-4ac1-b2c5-092126f8474f";
options.ClientSecret = "Yse2iP7tO1Azq0iDajNisMaTSnIDv+FXmAsFuXr+Cy8="; // for code flow
options.Authority = "https://login.windows.net/tratcheroutlook.onmicrosoft.com";
- options.RedirectUri = "http://localhost:42023";
+ options.RedirectUri = "http://localhost:42023/signin-oidc";
options.ResponseType = OpenIdConnectResponseTypes.Code;
+ options.GetClaimsFromUserInfoEndpoint = true;
});
app.Run(async context =>
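Review bot: The `ClientSecret` literal two lines above the changed `RedirectUri` remains committed in the sample, and a credential in source control should be treated as disclosed. Rotate it at the identity provider and read the value from configuration or user secrets, for example `options.ClientSecret = Configuration["<oidc-client-secret-key>"];` (the key name is a placeholder, and a configuration object is assumed because none is visible in this hunk). The new `RedirectUri` is plain `http`, which is tolerable only because it targets localhost. A comment such as `// http is for local development only; use https for any non-loopback redirect` would keep readers from copying it into a deployed app.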
diff --git a/samples/OpenIdConnectSample/project.json b/samples/OpenIdConnectSample/project.json
index 7397fe51e6..6f27caa556 100644
--- a/samples/OpenIdConnectSample/project.json
+++ b/samples/OpenIdConnectSample/project.json
@@ -2,19 +2,19 @@
"dependencies": {
"Microsoft.AspNet.Authentication.Cookies": "1.0.0-*",
"Microsoft.AspNet.Authentication.OpenIdConnect": "1.0.0-*",
- "Microsoft.AspNet.DataProtection": "1.0.0-*",
- "Microsoft.AspNet.Server.IIS": "1.0.0-*",
+ "Microsoft.AspNet.IISPlatformHandler": "1.0.0-*",
+ "Microsoft.AspNet.Server.Kestrel": "1.0.0-*",
"Microsoft.AspNet.Server.WebListener": "1.0.0-*",
- "Microsoft.Extensions.Logging.Console": "1.0.0-*",
- "Microsoft.AspNet.Server.Kestrel": "1.0.0-*"
+ "Microsoft.Extensions.Logging.Console": "1.0.0-*"
},
"frameworks": {
"dnx451": { },
"dnxcore50": { }
},
"commands": {
- "web": "Microsoft.AspNet.Hosting server=Microsoft.AspNet.Server.WebListener server.urls=http://localhost:42023",
- "kestrel": "Microsoft.AspNet.Hosting --server Microsoft.AspNet.Server.Kestrel --server.urls http://localhost:42023"
+ "web": "Microsoft.AspNet.Server.Kestrel",
+ "kestrel": "Microsoft.AspNet.Server.Kestrel --server.urls http://localhost:42023",
+ "weblistener": "Microsoft.AspNet.Server.WebListener --server.urls http://localhost:42023"
},
"webroot": "wwwroot"
}
diff --git a/samples/OpenIdConnectSample/wwwroot/web.config b/samples/OpenIdConnectSample/wwwroot/web.config
new file mode 100644
index 0000000000..9a0d90abf8
--- /dev/null
+++ b/samples/OpenIdConnectSample/wwwroot/web.config
@@ -0,0 +1,9 @@
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/src/Microsoft.AspNet.Authentication.JwtBearer/project.json b/src/Microsoft.AspNet.Authentication.JwtBearer/project.json
index c72f4bf01b..0bd5579989 100644
--- a/src/Microsoft.AspNet.Authentication.JwtBearer/project.json
+++ b/src/Microsoft.AspNet.Authentication.JwtBearer/project.json
@@ -10,7 +10,7 @@
},
"dependencies": {
"Microsoft.AspNet.Authentication": "1.0.0-*",
- "Microsoft.IdentityModel.Protocols.OpenIdConnect": "2.0.0-beta8-*"
+ "Microsoft.IdentityModel.Protocols.OpenIdConnect": "2.0.0-rc1-*"
},
"frameworks": {
"dnx451": {
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectHandler.cs b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
index c6abe26eef..9997bd3cd2 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/OpenIdConnectHandler.cs
@@ -659,8 +659,21 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
var responseMessage = await Backchannel.SendAsync(requestMessage);
responseMessage.EnsureSuccessStatusCode();
var userInfoResponse = await responseMessage.Content.ReadAsStringAsync();
- var userInfoEndpointJwt = new JwtSecurityToken(userInfoResponse);
- var user = JObject.Parse(userInfoResponse);
+ JObject user;
+ var contentType = responseMessage.Content.Headers.ContentType;
+ if (contentType.MediaType.Equals("application/json", StringComparison.OrdinalIgnoreCase))
+ {
+ user = JObject.Parse(userInfoResponse);
+ }
+ else if (contentType.MediaType.Equals("application/jwt", StringComparison.OrdinalIgnoreCase))
+ {
+ var userInfoEndpointJwt = new JwtSecurityToken(userInfoResponse);
+ user = JObject.FromObject(userInfoEndpointJwt.Payload);
+ }
+ else
+ {
+ throw new NotSupportedException("Unknown response type: " + contentType.MediaType);
+ }
var userInformationReceivedContext = await RunUserInformationReceivedEventAsync(ticket, message, user);
if (userInformationReceivedContext.HandledResponse)
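Review bot: `responseMessage.Content.Headers.ContentType` is dereferenced without a null check, so a UserInfo response that omits the Content-Type header fails with a NullReferenceException instead of the intended NotSupportedException. Reading it once as `var mediaType = responseMessage.Content.Headers.ContentType?.MediaType;` and comparing with `string.Equals(mediaType, "application/json", StringComparison.OrdinalIgnoreCase)` keeps all three branches reachable. In the `application/jwt` branch the token is only decoded by `new JwtSecurityToken(userInfoResponse)`, and nothing visible in this hunk verifies its signature. Its payload is therefore no more trusted than the plain JSON body, resting only on the backchannel transport, and a comment saying so would help. The enclosing method starts and ends outside the hunk.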
@@ -676,7 +689,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
Options.ProtocolValidator.ValidateUserInfoResponse(new OpenIdConnectProtocolValidationContext()
{
- UserInfoEndpointResponse = userInfoEndpointJwt,
+ UserInfoEndpointResponse = userInfoResponse,
ValidatedIdToken = jwt,
});
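Review bot: Judging by the hunk line numbers, this `ValidateUserInfoResponse` call runs after `RunUserInformationReceivedEventAsync` has already handed `user` to application handlers, so handlers see user info that has not yet been checked against `ValidatedIdToken`. If that order is intended, document it above the call, e.g. `// Runs after the UserInformationReceived event: handlers receive user info not yet validated against the id_token`. The validator now receives the raw response string for both content types. Whether it accepts a compact JWT as well as a JSON body is not visible here and deserves a test for each. The enclosing method starts and ends outside the hunk.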
@@ -710,7 +723,7 @@ namespace Microsoft.AspNet.Authentication.OpenIdConnect
identity.AddClaim(new Claim(pair.Key, claimValue, ClaimValueTypes.String, Options.ClaimsIssuer));
}
- return new AuthenticationTicket(new ClaimsPrincipal(identity), ticket.Properties, ticket.AuthenticationScheme);
+ return ticket;
}
///
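Review bot: `return ticket;` is only correct if `identity`, which receives the UserInfo claims in the loop above, is the same instance as the identity inside `ticket.Principal`. Its declaration is outside the hunk. If it is a copy or a new `ClaimsIdentity`, the added claims are silently dropped and `GetClaimsFromUserInfoEndpoint` has no effect on the signed-in principal. Please confirm and make the aliasing explicit with a comment such as `// identity is ticket.Principal.Identity, so the claims added above are already on the ticket`. A test asserting that a UserInfo-only claim appears on the returned principal would pin this down.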
diff --git a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
index 2b1b0b4ca9..062542d7e6 100644
--- a/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
+++ b/src/Microsoft.AspNet.Authentication.OpenIdConnect/project.json
@@ -10,7 +10,7 @@
},
"dependencies": {
"Microsoft.AspNet.Authentication": "1.0.0-*",
- "Microsoft.IdentityModel.Protocols.OpenIdConnect": "2.0.0-beta8-*"
+ "Microsoft.IdentityModel.Protocols.OpenIdConnect": "2.0.0-rc1-*"
},
"frameworks": {
"dnx451": {