View the original community article here
Last tested: Jun 14, 2019
It's more secure than OAuth alone, since it has more robust authentication methods built on top of OAuth 2.0 authorization methods. It's OAuth + the stuff you'd need to make OAuth a good authentication client, all in one! Out of the box!
There are some nifty tricks in ODIC. One example of this is that in the API call, one of the values returned for each key is a key id (kid) which can be used to quickly determine if the crypto key has changed - basically, this gives us automatic key rotation.
There are also different ways to pass information (front end vs back end), and you can choose which you want to use based on how your application is set up! More on that here: https://www.onelogin.com/blog/openid-connect-explained-in-plain-english