You Probably Don't Need OAuth2 / OpenID Connect!fleeting
- Référence externe : https://www.ory.sh/oauth2-openid-connect-do-you-need-use-cases-examples/
used in the wrong context - which often is the case - it can lead to serious security vulnerabilities.
that is the catch! These protocols are targeted at third party integration. Meaning that someone else is trying to access your user’s data. And someone else is trying to authenticate their users using your data
first point of decision is exactly this. Are you building a system that interacts with third parties
If so, OAuth2 and OpenID Connect are the best-in-class protocols to address your use case!