OAuth 2.0 and OIDC (OpenID Connect)

2022-10-01 oauth

This diagram shows the relationship between OAuth and OIDC. OAuth is a consent- and token-based authorization standard/framework that allows third-party applications to access data in one application without sharing passwords or other credentials. OIDC builds on top of that with additional features such as an identity token (JWT) and profile information. OIDC is commonly used in SSO (Single Sign-On) scenarios.

References

An Illustrated Guide to OAuth and OpenID Connect | Okta Developer

[Diagram: OAuth 2.0 (Client ID/Secret, Consent, Authorization Flows, Scopes, Redirect URI, Authorisation Code, Access Token, Resource Owner, Client, Authorization Server, Resource Server) and OIDC (OpenID Connect) (ID Token (JSON Web Token), Login (Authentication), Profile)]