What's the difference between OpenID and OAuth?

Micah picture Micah · Jul 6, 2009 · Viewed 268.4k times · Source

I'm really trying to understand the difference between OpenID and OAuth? Maybe they're two totally separate things?

Answer

adrianbanks picture adrianbanks · Jul 6, 2009

OpenID is about authentication (ie. proving who you are), OAuth is about authorisation (ie. to grant access to functionality/data/etc.. without having to deal with the original authentication).

OAuth could be used in external partner sites to allow access to protected data without them having to re-authenticate a user.

The blog post "OpenID versus OAuth from the user’s perspective" has a simple comparison of the two from the user's perspective and "OAuth-OpenID: You’re Barking Up the Wrong Tree if you Think They’re the Same Thing" has more information about it.