OAuth and OIDC

OAuth and OIDC are two critical, related protocols for managing secure access in modern applications. OAuth 2.0 is an **authorization** framework that enables a third-party application to obtain limited, delegated access to a user's resources on another service without sharing the user's password; for instance, allowing a photo-printing service to access your Google Photos. It accomplishes this by issuing access tokens. OpenID Connect (OIDC) is a simple identity layer built on top of OAuth 2.0 that provides **authentication**. It allows an application to verify a user's identity based on authentication performed by a trusted provider (like "Sign in with Google"), returning an ID token that contains user profile information. In short, OAuth is about what a user can *do* (permissions), while OIDC is about who a user *is* (identity).
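The split described above, as an added example that is not part of the original page: a client authenticates the user by validating an ID token's signature and claims, and separately checks the scope granted with an access token to decide what it may do. The HS256 shared-secret signing, the issuer URL, the client ID, the scope names and all claim values are constructed assumptions chosen so the code runs offline.

```python
import base64, hashlib, hmac, json, time

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(claims: dict, key: bytes) -> str:
    # Helper that builds a constructed HS256 JWT as offline sample input.
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url(mac)}"

def verify_id_token(token, key, issuer, client_id, nonce, now=None):
    """Authentication (OIDC): return the user's claims only if the ID token is valid for this client."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        claims = json.loads(b64url_decode(body))
        given = b64url_decode(sig)
    except ValueError:
        raise ValueError("malformed token") from None
    if header.get("alg") != "HS256":  # pin the algorithm instead of trusting the header
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):
        raise ValueError("bad signature")
    aud = claims.get("aud")
    if claims.get("iss") != issuer:
        raise ValueError("wrong issuer")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("token issued to another client")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired")
    if claims.get("nonce") != nonce:  # binds the token to this login request
        raise ValueError("nonce mismatch")
    return claims

def scope_allows(granted_scope: str, required: str) -> bool:
    """Authorization (OAuth 2.0): the space-separated scope bounds what the client may do."""
    return required in granted_scope.split()

# Constructed sample values (assumptions, not taken from any real provider).
KEY = b"demo-client-secret"
ISSUER, CLIENT_ID = "https://idp.example", "photo-printer"
ID_TOKEN = sign_hs256({"iss": ISSUER, "aud": CLIENT_ID, "sub": "user-123",
                       "nonce": "n-1", "exp": 4102444800, "name": "Alice"}, KEY)
```
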
