2 minutes OAuth
In this episode, I used the Facebook hack as the leeway to explain why using an access token to represent a user is a bad idea.
An OpenID Connect server is just an OAuth 2.0 server on steroids. What it does it to return the ID Token, which contains information about the authentication event
So, OpenID Connect provides a lot of advanced facilities to fulfill so many additional feature requested by the member community. It indeed is full of feature that is