9 Tweets Jan 31, 2023
What is OAuth?
Thread 🧵👇🏻
OAuth is an open standard for authorization.
It allows users to let third parties access web resources without sharing their passwords.
It also allows for secure authentication of users by third-party applications.
For instance, you can tell Google that you agree to let the site xyz.com access your profile (e.g. get your email address) without having to give xyz.com your Google password.
The main difference between the standard approach and OAuth is that with OAuth, there's no need to share password data.
Instead, authorization tokens are used to prove the identity between consumers and service providers.
So it allows you to give one application permission to interact with another on your behalf without giving away your password.
The following scheme shows how the process works.
1. The application sends the user an authorization request to access service resources.
2. The application receives an authorization grant if the user authorized the request.
3. The application sends the authorization grant received from the user to the authorization server.
4. The authorization server issues an access token to the application if the application identity is authenticated and the authorization grant is valid.
5. The application sends the request to the resource server, including the access token for authentication.
6. If the access token is valid, the resource server returns the resource to the application.
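The six steps above as an in-memory simulation (an added example, not part of the original thread). It goes slightly beyond the list by making grants single use and giving grants and tokens an expiry; the class names, the `email` scope and the lifetimes are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

class AuthorizationServer:
    def __init__(self, clients):
        self.clients = clients  # client_id -> client_secret (constructed sample data)
        self.grants = {}        # grant -> (client_id, user, scope, expires_at)
        self.tokens = {}        # access token -> (user, scope, expires_at)

    def authorize(self, client_id, user, scope, user_approved):
        # Steps 1-2: a grant is issued only if the user approved the request.
        if client_id not in self.clients or not user_approved:
            return None
        grant = secrets.token_urlsafe(16)
        self.grants[grant] = (client_id, user, scope, time.time() + 60)
        return grant

    def exchange(self, client_id, client_secret, grant):
        # Steps 3-4: authenticate the application, then validate the grant.
        expected = self.clients.get(client_id)
        if expected is None or not hmac.compare_digest(expected, client_secret):
            return None
        entry = self.grants.pop(grant, None)  # assumption: grants are single use
        if entry is None or entry[0] != client_id or time.time() > entry[3]:
            return None
        token = secrets.token_urlsafe(32)
        self.tokens[token] = (entry[1], entry[2], time.time() + 3600)
        return token

    def validate(self, token):
        # Returns (user, scope) for a known, unexpired token, else None.
        entry = self.tokens.get(token)
        if entry is None or time.time() > entry[2]:
            return None
        return entry[0], entry[1]

class ResourceServer:
    def __init__(self, auth_server, emails):
        self.auth_server = auth_server
        self.emails = emails  # user -> email address (constructed sample data)

    def get_email(self, token):
        # Steps 5-6: return the resource only for a valid token with the right scope.
        info = self.auth_server.validate(token)
        if info is None or info[1] != "email":
            return None
        return self.emails.get(info[0])
```

The application only ever handles the grant and the token; the user's password never appears in any call.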
Hope you enjoyed this thread.
If you found this thread useful, follow @Rapid_API 🙏💙
