OAuth

Security

OAuth is an open authorization framework that allows users to grant limited access to their data without sharing passwords. It enables secure delegated access to APIs and is commonly used by social logins and third-party integrations. In OAuth flows, applications receive tokens that represent permissions. OAuth avoids the need for applications to store or handle user credentials. It helps protect user data by enforcing scoped, revocable access. OAuth has become a standard mechanism for identity and authorization in web systems.

How it works

OAuth typically involves four parties: the user, client application, authorization server, and resource server. The user approves the client’s request for access. The authorization server issues an access token, often a JWT, which the client includes in API calls. Tokens specify scopes that define allowed actions. Refresh tokens may extend sessions without reauthentication. OAuth reduces risk by centralizing identity and minimizing password exposure.
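The token check a resource server performs on each API call, as an added example that is not part of the original page: it verifies the JWT signature, pins the algorithm, rejects expired tokens and enforces the requested scope. The HS256 shared key, the `issue_token`/`authorize` helper names and the `photos.*` scope names are assumptions constructed for illustration.

```python
import base64, hashlib, hmac, json, time

KEY = b"constructed-demo-key"  # assumption: secret shared by authorization and resource server

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(sub: str, scope: str, ttl: int = 300, key: bytes = KEY) -> str:
    """Authorization-server side: mint an HS256 JWT carrying the granted scopes."""
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = b64e(json.dumps({"sub": sub, "scope": scope,
                              "exp": int(time.time()) + ttl}).encode())
    sig = hmac.new(key, f"{header}.{claims}".encode(), hashlib.sha256).digest()
    return f"{header}.{claims}.{b64e(sig)}"

def authorize(auth_header: str, required_scope: str, key: bytes = KEY) -> tuple:
    """Resource-server side: return (HTTP status, reason) for one API call."""
    scheme, _, token = auth_header.partition(" ")
    if scheme.lower() != "bearer" or token.count(".") != 2:
        return 401, "missing or malformed bearer token"
    header_b64, claims_b64, sig_b64 = token.split(".")
    try:
        header = json.loads(b64d(header_b64))
        claims = json.loads(b64d(claims_b64))
        sig = b64d(sig_b64)
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return 401, "undecodable token"
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return 401, "undecodable token"
    # Pin the algorithm: the token must not choose how it is verified.
    if header.get("alg") != "HS256":
        return 401, "unexpected algorithm"
    expected = hmac.new(key, f"{header_b64}.{claims_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return 401, "bad signature"
    exp = claims.get("exp")
    if not isinstance(exp, int) or exp <= time.time():
        return 401, "token expired"
    # Scopes are a space-delimited string; the call needs the exact scope.
    if required_scope not in str(claims.get("scope", "")).split():
        return 403, "insufficient scope"
    return 200, f"ok for {claims.get('sub')}"
```

A valid token presented for a scope it was not granted yields 403 rather than 401, which separates "who are you" failures from "you may not do this" failures in logs.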
