OpenID is a solution for Web-based single sign-on whereas OAuth is for making secure resources in a Web application accessible to third-party software, including desktop applications.

Some Microsoft applications are vulnerable to an OAuth authentication flaw that could enable Azure account takeover.