1
votes

I understand that OpenId connect is a layer built on top of OAuth 2.0 for authentication. OAuth2.0 basically addresses Authorization whereas OpenId connect builds authentication framework on top of OAuth2.0 (via an explicit ID_token). But I am bit confused about the difference between OAuth 2.0 password grant type (I am not asking about other grant types, please note) and OpenId connect. Can anyone please explain it? Is there any difference in the use cases? Thanks in advance.

1
That is not what I asked. The exact difference between an OAuth grant type (password grant) and OpenId is what I am looking for. I understand the difference between OAuth and OpenId. Thanks.SRaj

1 Answers

1
votes

This quote based from here, and it may help you

As we know, Authorization Code Grant and Implicit Grant are typical 3-legged flows including interaction between a client, an authorization server, and a user. While the Resource Owner Password Credential Grant and Client Credential Grant are 2-legged which means the client uses pre-authorized scopes so that no interaction with the user is necessary, removing the need to perform one of the legs in the typical flow.