What's the point of an OAuth provider if it doesn't authenticate the user? I don't mean to be snarky, but this is something that's widely confused on the internet and by making a parallel statement I think this is most clearly indicated.
The fact is that authentication is required for both. My point is that "authentication" isn't a particular of OpenID 2, and focusing on that when explaining it is what's confusing.
For my part I was very confused when researching the two until I learned to mentally flag answers/posts that focused on this as noise.
The fact is that authentication is required for both. My point is that "authentication" isn't a particular of OpenID 2, and focusing on that when explaining it is what's confusing.
For my part I was very confused when researching the two until I learned to mentally flag answers/posts that focused on this as noise.