OpenID Connect provides user identity and authentication on top of the OAuth 2.0 framework. You can use OpenID Connect to establish a login session, and use OAuth to access protected resources.

You can request both an ID token and access token in the same flow in order to both authenticate the user as well as obtain authorization to access a protected resource.

OpenID Connect is maintained by the OpenID Foundation. The core OpenID Connect spec, as well as many extensions, can be read in full on

The OpenID Connect Debugger is a fantastic resource to help you build OpenID Connect requests and walk through the flows. Additionally, the OAuth 2.0 Playground provides a walkthrough of the OpenID Connect flow against a live server.

In Signing in with Google we walk through building a sample app using OpenID Connect.