Hacker News new | past | comments | ask | show | jobs | submit login

huh? OAuth is literally a "delegated authorization framework"



It isn't. OAuth2 really did away with AuthZ and focused on AuthN, regardless of what anyone says.

You have scopes but even those outside of the OIDC scopes are wishy washy and meaningless outside of each implementation.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: