by kyrra 1902 days ago
OAuth is just an identity tool (to say a login is a certain person). Zanzibar can be seen more as an ACL system that you can put across your system. So it is there to validate that a given user is able to access any specific resource.
1 comments

OAuth(2) are for access delegation. They are not for authentication or identity. For this reason, OIDC was built on top.