Comment by DaiPlusPlus
6 days ago
> OAuth 2.1 has no definition of a "provider"
Strictly speaking, yes. But speaking of IDPs more broadly, it’s perfectly acceptable to refer to the authorisation-server as an auth-provider, especially in OIDC (which is OAuth, with extensions) where it’s explicitly called “OpenID provider” - so it’s natural for anyone well-versed in both to cross terminology like that.
No comments yet
Contribute on Hacker News ↗