Building or leveraging an OIDC provider to protect web applications.

In this post, I write about OpenID and OAuth2 providers, and what can you use to build or leverage them to protect your web applications.

Before discussing about OpenID Connect and OAuth2, let’s talk about one of the traditional mechanisms to authenticate the users, form based authentication and its drawbacks.

Form based authentication

In a typical web application, the backend includes a database which stores users’ accounts, and the frontend…