Friday, May 17, 2013

OpenID and OAuth

First of all OpenID and OAuth are two different standards don't mix them together.

OpenID is only limited to identify the end user i.e. getting user authenticated from the third party provider like Google, Yahoo etc. The benefit of integrating with third party service provider for end user's authentication has following benefits.

  • End user don't have to remember another credentials for your site. They will be able to authenticate them self with their existing registered account with any of the third party service provider.
  • Along with that it also gives you advantage of Single Sign on for your site. 

Oauth provides way to identify (Authenticate with Oauth 2.0) end user as well as, provides a mechanism to get user's authorization to access his / her data with the given provider. 

       There is no comparison, both are different standars targeted to solve different problems. OpenId is targeted to get authentication done from third party service rather than having own system for the same. One can support multiple third service providers for authenticating user's with openId on their site. 
       Where as Oatuh is targeted to get user's authorization (for you application / site) to access his / her data from given service provider using respective api, exposed by same service provider. 

No comments:

Post a Comment