In the age of the “personalized web experience,” authentication and user management are a given, and it’s easier than ever for businesses to tap into third-party authentication providers like Facebook, Twitter, and Google to secure their APIs and identify users logged into their apps. OpenID Connect (OIDC) is a protocol for authenticating users. It lays out what an Identity Provider needs to provide in order to be considered “OpenID Connect Certified,” which makes it easier than ever to consume authentication as a service.
Why Not Use OAuth 2.0?
First, OAuth 2.0 is NOT an authentication protocol. I know what you’re thinking: “What?!!?” But it’s not. It is a delegated authorization framework, which many modern authentication protocols are built on.