- OAuth 2.0 Tutorial
- OAuth 2.0 - Home
- OAuth 2.0 - Overview
- OAuth 2.0 - Architecture
- OAuth 2.0 - Client Credentials
- Obtaining an Access Token
- Accessing a Protected Resource
- OAuth 2.0 - Extensibility
- OAuth 2.0 - IANA Considerations
- OAuth 2.0 Useful Resources
- OAuth 2.0 - Quick Guide
- OAuth 2.0 - Useful Resources
- OAuth 2.0 - Discussion
OAuth 2.0 - Overview
What is OAuth 2.0?
OAuth is an open authorization protocol, which allows accessing the resources of the resource owner by enabling the client applications on HTTP services such as Facebook, GitHub, etc. It allows sharing of resources stored on one site to another site without using their credentials. It uses username and password tokens instead.
OAuth 2.0 is developed by the IETF OAuth Working Group, published in October 2012.
Why Use OAuth 2.0?
You can use OAuth 2.0 to read data of a user from another application.
It supplies the authorization workflow for web, desktop applications, and mobile devices.
It is a server side web app that uses authorization code and does not interact with user credentials.
Features of OAuth 2.0
OAuth 2.0 is a simple protocol that allows to access resources of the user without sharing passwords.
It accesses the data using tokens instead of using their credentials and stores data in online file system of the user such as Google Docs or Dropbox account.
Advantages of OAuth 2.0
OAuth 2.0 is a very flexible protocol that relies on SSL (Secure Sockets Layer that ensures data between the web server and browsers remain private) to save user access token.
OAuth 2.0 relies on SSL which is used to ensure cryptography industry protocols and are being used to keep the data safe.
It allows limited access to the user's data and allows accessing when authorization tokens expire.
It has ability to share data for users without having to release personal information.
It is easier to implement and provides stronger authentication.
Disadvantages of OAuth 2.0
If you are adding more extension at the ends in the specification, it will produce a wide range of non-interoperable implementations, which means you have to write separate pieces of code for Facebook, Google, etc.
If your favorite sites are connected to the central hub and the central account is hacked, then it will lead to serious effects across several sites instead of just one.