OAuth 2.0 is an authorization framework in which a user of a service can allow a third-party application to access their data hosted by the service without revealing their credentials (ID and password) to the application. OAuth 2.0 is a set of defined process flows for “delegated authorization”.
OpenID Connect is a framework on top of OAuth 2.0 through which a third-party application can obtain a user’s identity information, which is managed by a service. OpenID Connect standardizes the flow for authenticating a person using OAuth 2.0. OpenID Connect is a set of defined process flows for “federated authentication”.
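The difference shows up in the token response: the access token is an opaque credential the application forwards to the service (delegated authorization), while the OpenID Connect ID token is a signed statement about the user that the application must validate itself (federated authentication). The following is an added example, not code from this page or its linked sources; the issuer URL, client ID, nonce, shared secret and the choice of HS256 signing are all constructed assumptions.

```python
import base64, hashlib, hmac, json, time

# Constructed values for illustration; none of them come from the page.
SECRET, ISSUER, CLIENT_ID = b"constructed-secret", "https://as.example", "client-123"

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def make_id_token(claims: dict, secret: bytes = SECRET) -> str:
    """Stand-in for the authorization server: issue an HS256-signed JWT."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def validate_id_token(token, nonce, now=None):
    """Client-side checks before trusting the identity; returns the subject."""
    try:
        head, body, sig = token.split(".")
        header, claims = json.loads(b64d(head)), json.loads(b64d(body))
        got = b64d(sig)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed token")
    if header.get("alg") != "HS256":  # pin the algorithm, never accept "none"
        raise ValueError("unexpected alg")
    want = hmac.new(SECRET, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, got):
        raise ValueError("bad signature")
    if claims.get("iss") != ISSUER:
        raise ValueError("wrong issuer")
    aud = claims.get("aud")
    if CLIENT_ID not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("wrong audience")
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired")
    if claims.get("nonce") != nonce:
        raise ValueError("nonce mismatch")
    return claims["sub"]

def sample_token_response(now: int = 1_700_000_000) -> dict:
    """Constructed token response: opaque access token plus an ID token."""
    claims = {"iss": ISSUER, "sub": "user-42", "aud": CLIENT_ID,
              "exp": now + 300, "nonce": "n-constructed"}
    return {"access_token": "opaque-constructed-value", "token_type": "Bearer",
            "id_token": make_id_token(claims)}
```

Production clients typically verify an asymmetric signature against the issuer's published keys instead of a shared secret; the issuer, audience, expiry and nonce checks stay the same.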
OAuth 2.0 Terminology:
Resource Owner:
Client:
Resource Server:
Authorization Server:
https://hackernoon.com/demystifying-oauth-2-0-and-openid-connect-and-saml-12aa4cf9fdba
https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2