What is OAuth 2.0?

RESOURCES > GLOSSARY

OAuth 2.0 Definition

OAuth 2.0 is an open standard for authorization that allows a user to provide a third-party application with restricted access to their resources on a different server without revealing their credentials. It distinguishes the function of the user (resource owner) from the client application requiring access to secured resources.

OAuth 2.0 functions by distributing access tokens to client applications. These tokens facilitate access to particular resources on the user’s behalf, with permissions delineated by the token’s scope. Access tokens are generally ephemeral and can be renewed with refresh tokens to ensure secure, continuous access.

The OAuth 2.0 framework encompasses four primary roles:

• Resource Owner: The entity that possesses the safeguarded resources.
• Client: The application is soliciting access to the resources.
• Authorization Server: The server responsible for authenticating the resource owner and issuing access tokens.
• Resource Server: The server that houses the safeguarded resources.

OAuth 2.0 offers many grant types (authorization flows) tailored for distinct client types and scenarios, including authorization code, client credentials, password credentials, and implicit grants. Security protocols such as scopes, token expiration, and secure redirection are implemented to regulate and restrict access.

In essence, OAuth 2.0 facilitates secure, delegated access to resources without requiring the client to manage or retain user credentials directly.

Related Terms

• Authorization
• Application Interface
• Cybersecurity