Chapter IV: Distributed System Concerns
OAuth 2.0 & OpenID Connect
Delegated authorization and an identity layer built on top of it.
In short
OAuth 2.0 delegates authorization; OpenID Connect adds an identity (authentication) layer on top.
Key takeaways
- OAuth 2.0 = authorization; OIDC = authentication on top of it.
- Access tokens grant API access; ID tokens prove identity.