Simple Terms
- OpenID is about verifying a person's identity (authentication). (usually returns ID_TOKEN)
- OAuth is about accessing a person's stuff (authorization). (NO ID_TOKEN but information got pulled)
- OpenID Connect does both.
All three let a person give their username/password (or other credential) to a trusted authority instead of to a less trusted app.
OAuth 2.0 is an authorization framework, not an authentication protocol. You can think of this framework as a common denominator for authorization. ... The big difference between OpenID Connect and OAuth2 is the id_token . There is no id_token defined in OAuth2 because the id_token is specific to federated authentication
Laravel Framework
Open ID Connect implementation :
No comments:
Post a Comment