In short: OAuth and OpenID exists to cater to two different needs. OpenID is authentication (verify that your login is correct) OAuth is authorization (ensure you have the right to a protected resource)
So OpenID is something you can use as a alternative to having user +password stored for each user on each site. OAuth is a way for a user to grant a someone (eg a photo printing service) access to your private resources (eg your photos) over at some other site (eg a photo sharing site), without the first one knowing your credentials to the second.. (However some people do use OAuth as some sort of authentication- scheme, like Twitter does, but this is not the expected use-case for OAuth and OpenID would imho be better suited at the job) Did that clear it up (or even make sense?) -Morten On May 21, 2009, at 7:08 AM, GenghisOne wrote: > > Is OAuth the same thing as OpenID? If not, are there any documents out > there that succinctly describe how many of these things are out there > and how they are different? > > Thx. > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "OAuth" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/oauth?hl=en -~----------~----~----~----~------~----~------~--~---
