LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

What is the difference between OAuth and OIDC?

OAuth 2.0 handles authorization ("this app may access my files"); OIDC adds an identity layer on top for authentication ("prove who I am"), as in "Sign in with Google".

OAuth 2.0 = Authorization (what you can do) OIDC (OpenID Connect) = Authentication (who you are)

Protocol Purpose Token Use Case
OAuth 2.0 Grant permissions Access token "App can read my files"
OIDC Verify identity ID token + Access token "Login with Google"

Key insight: OIDC is built on top of OAuth 2.0. It adds an identity layer.

Real examples:

  • OAuth only: "Allow Canva to access my Google Drive files" (no login, just permission)
  • OIDC: "Sign in with Google" (verifies your identity)

Memory aid:

  • OAuth = Other apps Authorized to access your stuff
  • OIDC = Open ID = Identity verification

Go deeper:

From Quiz: SPRG / Authorization | Updated: Jul 14, 2026