OAuth 2 is an authorization framework and it works by delegating user authentication to a service. It authorizes third-party applications to access that user account.
It provides authorization for web, desktop, and mobile apps.
OAuth 2 Rules:
- Resource Owner: The user or system that owns the protected resources.
- Client: The client is the system that requires access to protected resources.
- Authorization Server: This server receives requests from the Client for Access Tokens and issues them upon successful authentication and consent by the Resource Owner.
- Resource Server: A server that protects the user’s resources and receives access requests from the Client.