sajad torkamani

ID tokens are used for authentication

An ID token is the JWT that a app (sometimes referred to as a relying party / RP) receives when a user has authenticated using an identity provider (e.g., Google or Facebook). ID tokens are artefacts of OpenID connect and are used for authentication.

What is an ID token?

Access tokens are used for authorization

An access token is used to grant a relying party access to a resource (e.g., an API). Access tokens are artefacts of OAuth2.0 and are used for authorization.

What is an access token?