Published my notes on OAuth 2.0 and OpenID Connect

I’ve recently added new topics to my public notes:

  • JWT (JSON Web Token), a standard for creating JSON access tokens that can assert a number of claims.
  • OAuth 2.0, an open framework for securely obtaining authorization to access resources via HTTP.
  • OpenID Connect, an authentication protocol. It builds upon OAuth 2.0 and JWT to provide users one login for multiple sites.

When I was reading about these topics online, I did not find any comprehensive sequence diagrams which were also up to date with the OAuth 2.0 and OpenID Connect specifications. With these notes, I’m trying to offer a high-level yet not-too-abstract view on these topics.

As always, you can let me know if you find any mistakes in my notes by creating a PR in the notes’ GitHub repository.