During the implementation of a new internal web application, a security consultant recommends using an authentication protocol that enables users to authenticate with an external identity provider and delegates user authentication to this provider. This protocol should also allow the application to receive a token that includes information about the user, such as their email address and username, following a successful authentication. Which protocol should the consultant recommend?
OpenID Connect
Kerberos
OAuth 2.0
LDAP