As far as I understand, applications that we can login with our different accounts use OpenID Connect(A profile of OAuth2.0).
OAuth is for Authorization and OIDC is for authentication(It has ID Token-User Info Endpoint).
-
So, was it not possible to login to an application from another application account using OAuth before OIDC? (If possible, how?)
-
If plain OAuth can’t be used for authentication, what is/was it used for?
I mean what does it do with ‘authorization’ exactly?
What does it get from the resource service with the access token?