OpenID 和 OAuth 有什么区别? [英] What's the difference between OpenID and OAuth?

问题描述

我真的很想了解 OpenID 和 OAuth 之间的区别?也许它们是两个完全不同的东西?

I'm really trying to understand the difference between OpenID and OAuth? Maybe they're two totally separate things?

推荐答案

OpenID 是关于身份验证(即证明谁你是)，OAuth 是关于授权(即授予对功能/数据/等的访问权限......而无需处理与原始身份验证).

OpenID is about authentication (ie. proving who you are), OAuth is about authorisation (ie. to grant access to functionality/data/etc.. without having to deal with the original authentication).

OAuth 可用于外部合作伙伴站点，以允许访问受保护的数据，而无需重新验证用户.

OAuth could be used in external partner sites to allow access to protected data without them having to re-authenticate a user.

博客文章OpenID与从用户的角度来看 OAuth" 从用户的角度对两者进行了简单的比较，OAuth-OpenID:如果您认为它们是同一件事，那么您就是在找错树"有关它的更多信息.

The blog post "OpenID versus OAuth from the user’s perspective" has a simple comparison of the two from the user's perspective and "OAuth-OpenID: You’re Barking Up the Wrong Tree if you Think They’re the Same Thing" has more information about it.

这篇关于OpenID 和 OAuth 有什么区别?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！