Having stared deep into both the Kerberos and OAuth/OpenID Connect abysses, it's kind of alarming how the simple web app authentication system has also evolved into a three headed monster of complexity
Except we replaced clever cryptography with bearer tokens
Except we replaced clever cryptography with bearer tokens