Company
Date Published
Author
Maria Paktiti
Word count
3852
Language
English
Hacker News points
None

Summary

OAuth is an open standard that lets an application access resources hosted by another application on a user's behalf without ever receiving the user's password. It solves the problem of letting users grant third-party apps scoped, revocable access to their accounts while their credentials stay with the provider. The most common OAuth flows are the Authorization Code Grant, used by server-side (confidential) apps that can keep a client secret, and Authorization Code with PKCE (Proof Key for Code Exchange), used by client-side (public) apps such as single-page and native apps that cannot; current OAuth security guidance recommends PKCE for every authorization code exchange, not only for public clients. OAuth itself does not handle authentication, only authorization: an access token proves that a client may call an API, not who the user is. OpenID Connect (OIDC) is an authentication layer built on top of OAuth that issues a signed ID token, so websites and applications can verify a user's identity without managing sensitive details such as passwords.
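The Authorization Code with PKCE exchange described above, worked through as an added example (not code from the original article or any library it discusses). Both sides are shown: the client derives a `code_verifier` and an S256 `code_challenge` per RFC 7636 and binds the redirect with `state`; a toy in-memory authorization server mints a one-time code tied to that challenge and refuses to exchange it unless the matching verifier is presented. The endpoint URLs, `client_id`, redirect URI and the in-memory store are assumptions for illustration only.

```python
"""
Added example, not part of the original article: the PKCE variant of the
OAuth Authorization Code flow (RFC 7636), with a toy authorization server
so the whole exchange runs offline. Endpoint URLs, client_id, redirect_uri
and the in-memory code store are illustrative assumptions.
"""
import base64
import hashlib
import secrets
from urllib.parse import urlencode, urlparse, parse_qs


# --- Client side (a public client: SPA or native app) ---------------------

def b64url_nopad(raw: bytes) -> str:
    """BASE64URL encoding without '=' padding, as RFC 7636 requires."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def make_code_verifier(nbytes: int = 32) -> str:
    # RFC 7636 section 4.1: 43..128 unreserved characters, high entropy.
    # 32 random bytes encode to exactly 43 base64url characters.
    return b64url_nopad(secrets.token_bytes(nbytes))


def make_code_challenge(verifier: str) -> str:
    # RFC 7636 section 4.2, method S256: BASE64URL(SHA256(ASCII(verifier))).
    return b64url_nopad(hashlib.sha256(verifier.encode("ascii")).digest())


def build_authorization_url(authorize_endpoint, client_id, redirect_uri,
                            scope, state, challenge):
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,                       # binds the redirect to this session
        "code_challenge": challenge,
        "code_challenge_method": "S256",      # never "plain" in new deployments
    }
    return f"{authorize_endpoint}?{urlencode(params)}"


# --- Authorization server side (toy, in-memory, assumption) ---------------

class ToyAuthorizationServer:
    def __init__(self):
        # authorization code -> (client_id, redirect_uri, code_challenge)
        self._pending = {}

    def authorize(self, url: str) -> str:
        """User has consented; mint a one-time code bound to the request's
        challenge and return the redirect the browser would be sent to."""
        q = parse_qs(urlparse(url).query)
        if q.get("code_challenge_method") != ["S256"]:
            raise ValueError("S256 code_challenge_method required")
        code = secrets.token_urlsafe(24)
        self._pending[code] = (q["client_id"][0], q["redirect_uri"][0],
                               q["code_challenge"][0])
        return f"{q['redirect_uri'][0]}?{urlencode({'code': code, 'state': q['state'][0]})}"

    def token(self, code, client_id, redirect_uri, code_verifier) -> dict:
        entry = self._pending.pop(code, None)   # codes are single-use
        if entry is None:
            return {"error": "invalid_grant"}
        stored_client, stored_redirect, stored_challenge = entry
        if client_id != stored_client or redirect_uri != stored_redirect:
            return {"error": "invalid_grant"}
        # Recompute the challenge from the presented verifier; a stolen code
        # without the verifier fails here. Constant-time compare.
        if not secrets.compare_digest(make_code_challenge(code_verifier),
                                      stored_challenge):
            return {"error": "invalid_grant"}
        return {"access_token": secrets.token_urlsafe(32), "token_type": "Bearer"}


def run_flow(replay_with_wrong_verifier: bool = False) -> dict:
    """Drive the exchange end to end and return the token response.
    With replay_with_wrong_verifier=True, simulate an attacker who captured
    the authorization code but not the client's verifier."""
    server = ToyAuthorizationServer()
    client_id, redirect_uri = "example-spa", "https://app.example/callback"
    verifier = make_code_verifier()
    state = secrets.token_urlsafe(16)
    url = build_authorization_url("https://as.example/authorize", client_id,
                                  redirect_uri, "openid profile", state,
                                  make_code_challenge(verifier))
    callback = server.authorize(url)
    cb = parse_qs(urlparse(callback).query)
    if cb.get("state") != [state]:           # CSRF check before using the code
        return {"error": "state_mismatch"}
    presented = "not-the-right-verifier" if replay_with_wrong_verifier else verifier
    return server.token(cb["code"][0], client_id, redirect_uri, presented)


if __name__ == "__main__":
    print(run_flow())
    print(run_flow(replay_with_wrong_verifier=True))
```

The point of the replay branch is the property PKCE adds on top of the plain Authorization Code Grant: an authorization code intercepted in transit (for example through a malicious app registered for the same custom URI scheme) is useless without the verifier that only the legitimate client holds, and because the server deletes the code on first use, a later replay of the same code fails as well.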