Comment by immibis
23 days ago
OAuth2 is a failed protocol - it's more of a set of guidelines for vendors to implement proprietary authentication systems, all incompatible with each other.
23 days ago
OAuth2 is a failed protocol - it's more of a set of guidelines for vendors to implement proprietary authentication systems, all incompatible with each other.
There's nothing stopping you from building interoperable protocols on top of OAuth2. I've done it a couple times.
OpenID Connect is another example.
OAuth2 has some worts, but I think it's worth the tradeoffs.