OAuth2 is a failed protocol - it's more of a set of guidelines for vendors to im... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		immibis 62 days ago \| parent \| context \| favorite \| on: Why We Abandoned Matrix (2024) OAuth2 is a failed protocol - it's more of a set of guidelines for vendors to implement proprietary authentication systems, all incompatible with each other.

apitman 62 days ago [–]

There's nothing stopping you from building interoperable protocols on top of OAuth2. I've done it a couple times.

OpenID Connect is another example.

OAuth2 has some worts, but I think it's worth the tradeoffs.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact