Security

What is OAuth 2.0?

An authorization framework that enables third-party applications to access user resources.

Definition

OAuth 2.0 is an industry-standard authorization protocol that allows users to grant third-party applications limited access to their resources without sharing credentials. It uses access tokens, refresh tokens, and scopes. Common flows include Authorization Code (web apps), PKCE (SPAs/mobile), Client Credentials (machine-to-machine), and Device Code (smart TVs). OpenID Connect (OIDC) adds an identity layer on top of OAuth 2.0.

Related Terms

Authentication Authorization JWT

More in Security

Authentication Authorization JWT SSL/TLS CSRF XSS

JWT SSL/TLS