oauth 2 0 vs openid connect

to the following blog, very comprehensive including identity authentication and. Net encryption and decryption, and other content: https://dotnetcodr.com/security-and-cryptography/ Refer: Https://dzone.com/articles/whats-better-oauth-access-tokens-or-json-web-tokenHttps://stackoverflow.com/questions/32964774/oauth-or-jwt-which-one-to-use-and-whyHttp://openid.net/specs/draft-jones-

, the difference between OAuth and OpenID Connect is simply explained, and the key to their trade-offs is demand, which is satisfying for small applications, and because OpenID Connect is very complex, If there is a need, you can also consider using open source components su

Today's recommendation is an open source OpenID Connect/oauth 2.0 Service Framework--identityserver3 that I've been focusing on for a long time. It supports the complete OpenID Connect/oauth 2.0 standard, which makes it easy to bu

performed. OpenID addresses cross-site authentication issues, and OAuth addresses cross-site licensing issues. Authentication and authorization are inseparable. The two sets of protocols for OpenID and OAuth come from two different organizations with similarities and overlaps, so it's difficult to integrate them. Fort

the authorization server, regardless of whether the client is for user authentication or access to resources.UserThe user is the person who accesses their data using a registered client.ScopeA scope is a resource identifier that a client wants to access. The scope needs to be appended to the request during an authentication process or token acquisition.By default, each client can request a token at any scope, but you can limit it.The scope is divided into 2