In this video Nate Barbettini gives a simple, easy-to-understand, overview of how OAuth 2.0 and OpenID Connect works as well as provides guidance on how you should think about using each of them in your application.

Best Practices

• Use OAuth 2.0 for Authorization scenarios to:

  • Grant access to your API

  • Get access to user data in other systems

• Use OpenID Connect for Authentication scenarios to:

  • Log in users

  • Making your accounts available in other systems

Helpful Resources:

• OAuth 2.0 and OpenID Connect (long version)

• Ebook on OAuth and OpenID