Last week when I was in my home-town, I was having a conversation with my brother about OAuth and OpenId. When he asked me the difference between the 2 and asked me to give one line for each protocol I was not able to do so. That is when I realized that I was not clear about both the protocols myself.
As usual, went to the drawing board to figure out what each protocol is for.
Found the following presentation extremely helpful :
http://www.slideshare.net/rmetzler/identity-on-the-web-openid-vs-oauth
Summarizing the content here :
OpenId - is meant for identifying the user in the web-world. Only for identification. (as the name says)
OAuth - is required when a 3rd party is looking to access a user's data present in another server.
Data access.
OpenId - Identification
OAuth - Data access
Period.
As usual, went to the drawing board to figure out what each protocol is for.
Found the following presentation extremely helpful :
http://www.slideshare.net/rmetzler/identity-on-the-web-openid-vs-oauth
Summarizing the content here :
OpenId - is meant for identifying the user in the web-world. Only for identification. (as the name says)
OAuth - is required when a 3rd party is looking to access a user's data present in another server.
Data access.
OpenId - Identification
OAuth - Data access
Period.
That's really a brilliant and crisp way to put it.
ReplyDeleteThank you!. I was confused about a simple concept. Glad that you found this post helpful.
Delete