
OAuth 2.0


Last updated 3 months ago

About

It is an authentication & authorization protocol.

It allows apps to gain limited access to protected resources, without the need to share credentials.

The OAuth structure is composed of 4 main actors that interact with each other to obtain authorization and access to protected resources.

Structure

Resource Owner

It is the app user that owns the protected resource that must be accessed.

OAuth Server

It is the server that authenticates the resource owner and grants access permission.

It is responsible for verifying the user identity and validating the given credentials.

Client

It is the app that requests access to the protected resource.

Resource Server

It is the server that hosts the protected resources.

It is responsible for verifying if the Client has permissions/authorization to access the resources.
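
The interaction between the four actors, as an added example that is not part of the original page: an in-memory Python model in which the Client only ever holds a token and the Resource Server checks it on every request. The class names, the `photos:read` scope, the sample user and the introspection-style token lookup are assumptions made for illustration; a real deployment exchanges these messages over HTTPS using one of the OAuth 2.0 grant flows.

```python
import secrets

class OAuthServer:
    """Authenticates the resource owner and issues scoped, opaque tokens."""
    def __init__(self, users):
        self._users = users    # username -> password (constructed sample data)
        self._grants = {}      # token -> what the owner approved

    def authorize(self, username, password, client_id, scope):
        # Called by the resource owner, not the client: the password stops here.
        expected = self._users.get(username)
        if expected is None or not secrets.compare_digest(expected, password):
            raise PermissionError("resource owner authentication failed")
        token = secrets.token_urlsafe(32)
        self._grants[token] = {"owner": username, "client": client_id, "scope": set(scope)}
        return token

    def introspect(self, token):
        return self._grants.get(token)

class ResourceServer:
    """Hosts the protected resources and checks every token it receives."""
    def __init__(self, oauth_server, photos):
        self._oauth, self._photos = oauth_server, photos

    def get_photos(self, token, needed="photos:read"):
        grant = self._oauth.introspect(token)
        if grant is None:
            return 401, None                    # unknown or forged token
        if needed not in grant["scope"]:
            return 403, None                    # valid token, insufficient scope
        return 200, self._photos[grant["owner"]]

class Client:
    """The app: holds only a token, never the owner's credentials."""
    def __init__(self, client_id, resource_server):
        self.client_id, self._rs, self.token = client_id, resource_server, None

    def fetch(self, needed="photos:read"):
        return self._rs.get_photos(self.token, needed)

def demo():
    oauth = OAuthServer({"alice": "correct-horse"})
    rs = ResourceServer(oauth, {"alice": ["beach.jpg"]})
    app = Client("photo-printer", rs)
    # Alice (resource owner) logs in at the OAuth server and approves read-only access.
    app.token = oauth.authorize("alice", "correct-horse", app.client_id, ["photos:read"])
    return app.fetch(), rs.get_photos("forged-token"), app.fetch("photos:delete")

if __name__ == "__main__":
    print(demo())
```

The three results returned by `demo()` are the allowed read, the rejected forged token and the rejected request outside the approved scope.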
