Skip to main content

Why doesn't 0account provide OAuth or OpenID Connect?

This is an important topic, and the answer is not immediately obvious. To answer these questions, first, we need to have at least a simple definition of what OAuth and OpenID Connect are. Let's try to focus on each separately:

OAuth 2.0

OAuth is a mechanism for delegating authorization to another server. For example, let's say you want a photo editing application to get access to your Google Drive so you can select and edit images from your Google Drive in the application without needing to download images from Google Drive and upload them manually to the photo editing application. That's how you authorize a photo editing application to access your photos on Google Drive.

0account does not provide access to third-party applications like the photo editing application or any other access to your 0account profile. So if you are using 0account, you share requested information only once (and you are always aware of what information is shared); applications cannot continually have access to your 0account profile.

Ok, that's clear, but why not use OpenID Connect to get access to the user's profile? One may wonder... Let's define OpenID Connect first:

OpenID Connect

OpenID Connect is a layer on top of the OAuth protocol to authenticate users. A good example of OpenID Connect is the Facebook login button that simply provides access to the user's Facebook profile, which is stored on Facebook's servers, to an application.

0account does not store users' profiles on its servers for unmatched security and privacy practices, and for this reason, we do not provide OpenID Connect.