In Google's OpenID Migration Guide, for transitioning from OpenID 2.0 to OpenID Connect, step 1 is that I need to obtain OAuth credentials for my application.
One thing I like about "regular" OpenID is that I can allow my users to authenticate from any IDP of their choosing. Whether they use Google, Yahoo, or any other endpoint, as a developer I don't need to go through the trouble of manually obtaining OAuth credentials from each of those providers and configuring my application to support them.
As providers discontinue support for traditional OpenID, is there a way for me to allow users to continue using their current IDPs without me having to go through each one and manually obtaining OAuth credentials?
The way to achieve this in OpenID Connect is by using OpenID Connect Discovery and OpenID Connect Dynamic Client Registration protocol extensions but of course your OpenID Connect Provider needs to support these extensions.
来源:https://stackoverflow.com/questions/27714180/can-you-use-openid-connect-without-obtaining-oauth-credentials