OAuth 2.0 and OpenID Connect both require user authentication to take place during an authorization code grant/flow. Airlock IAM provides full integration with authentication for both the OAuth 2.0 authorization code grant and the OIDC authorization code flow.
OIDC distinguishes between client and user agent. This distinction makes it necessary that the control of the process is handed over from one actor to the next, both on the end-user device and in Airlock IAM.