OAuth is designed for providing authorization of the third party without providing password. It is http based. OAuth provides an access token that can be exchanged for any supported assertion via an API.
OpenId is designed for authentication. In openId third-party authenticate your users for you, by using accounts they already have. It is used to authenticate single sign-on identity
| Sr. No. | Key | OAuth | OpenId |
|---|---|---|---|
| 1 | Basic | OAuth is designed for providing authorization of the third party without providing password | OpenId is designed for authentication. |
| 2 | Session | It does not initiate user's session. | OpenId initiate user's session |
| 3 | Access Token | It used token concept to provide authorization | In openId third-party authenticate your users for you, by using accounts they already have. |