In a desperate attempt to keep their flag alive after the takeover of the OAuth/OAuth2 social logins, the OpenID foundation released the "third generation" of the OpenID technology in February 2014; this was called OpenID Connect.

Despite the name, the new installment has little or nothing to do with their ancestors; it's merely an authentication layer built upon the OAuth2 authorization protocol. In other words, it's little more than a standardized interface to help developers using OAuth2 as an authentication framework in a less improper way, which is kind of funny, considering that OAuth2 played a major role in taking out OpenID 2.0 in the first place.

The choice to move to OpenID Connect was quite sad in 2014 and it still is as of today; however, after more than three years, we can definitely say that--despite its undeniable limitations--OpenID Connect can still provide a useful, standardized way to obtain user identity. It allows developers to request and receive information about authenticated users and sessions using a convenient, RESTful-based JSON interface; it features an extensible specification that also supports some promising optional features such as encryption of identity data, auto discovery of OpenID providers, and even session management. In short, it's still useful enough to be used instead of relying on pure OAuth2.