I’ve recently added new topics to my public notes:
- JWT (JSON Web Token), a standard for creating JSON access tokens that can assert a number of claims.
- OAuth 2.0, is an open framework that allows to securely obtain authorization to access resources via HTTP.
- OpenID Connect, an authentication protocol. It builds upon OAuth 2.0 and JWT to provide users one login for multiple sites.
When I was reading about these topics online, I did not find any comprehensive sequence diagrams which were also up to date with the OAuth 2.0 and OpenID Connect specifications. With these notes, I’m trying to offer a high-level yet not-too-abstract view on these topics.
As always, you can let me know if you find any mistakes in my notes by creating a PR in the notes’ GitHub repository.