What is OAuth 2?
OAuth is an open standard using which a third-party application can gain access to some part of a user’s account. The service that provides access, does not need to provide the application the user’s password. Instead, the service can provide a secure API using which the third-party application can access some part of the user’s account. In other words, OAuth provides a third-party client with secure delegated access to server resources on behalf of the user.
Sometimes a website or application wants to allow a user to login to the application using the user’s Gmail, Facebook or Twitter account and the application wants to access some part of the user’s Gmail, Facebook, or Twitter account. The application, in that case, uses the OAuth authorization framework. Using OAuth, the user can authorize the third-party application to access some part of his Gmail, Facebook, or Twitter account.
OAuth 1.0 was released in April 2010 and it was adopted widely. OAuth 2.0 was released in October 2012. Facebook supports only OAuth 2.0. Google and Microsoft support OAuth 2.0 as the recommended authorization mechanism.
Please note that OAuth is not an authentication protocol. It is an authorization framework using which a user can authorize a third-party application to use some part of his account.
How does OAuth 2 work? In this article, we would discuss that in detail.
In this article, we will discuss:
-
What is OAuth 2?
-
How does OAuth 2 work?
0 Comments