# A Beginner’s Guide to OAuth and OpenID Connect

By Ben Ramsey

- **Date:** May 21, 2026
- **Event:** [PHP Tek](https://2026.phptek.io)
- **Venue:** Sheraton Suites Chicago O'Hare

---

- [View slides](https://speakerdeck.com/ramsey/a-beginners-guide-to-oauth-and-openid-connect-php-tek-2026)
- [Download PDF](https://files.benramsey.com/talks/2026/php-tek/ben-ramsey-oauth-oidc-phptek2026.pdf)
- [Read feedback](https://joind.in/event/php-tek-2026/a-beginners-guide-to-oauth-and-openid-connect)

---

You’ve probably used OAuth without realizing it. Maybe you’ve signed in to an app using Google, authorized an app to post to your X/Twitter account, or granted access to your GitHub repositories. What’s really going on under the hood? How does this handshake of trust actually work, and why do developers love (and sometimes loathe) implementing it?

In this session, we’ll peel back the layers of OAuth 2.0 and OpenID Connect to understand their roles in modern authentication and authorization. We’ll demystify access tokens, refresh tokens, scopes, and the dance between resource servers and clients. You’ll see how OpenID Connect extends OAuth to handle identity and login flows securely. And most importantly, we’ll look at practical, real-world examples to make these concepts click.

If you’ve ever felt overwhelmed by the acronyms or confused by the specs, this talk is for you. You’ll leave with a solid mental model of how OAuth and OpenID Connect work together to make the web a safer, more connected place.