OAuth 2.0
OAuth 2.0 is an open authorization framework that allows applications to obtain limited access to user accounts on third-party services without exposing user credentials.
⚙️ How Does It Work?
The user grants an application permission to access their resources on a server on their behalf. The authorization server then issues an access token, which the client presents when calling APIs.
📍 Where Is It Used?
API authorization, Login with Google or Facebook, mobile app integrations, SaaS-to-SaaS data sharing.
💡 Real-World Example
A productivity app wants to read your Google Calendar. Instead of asking for your Google password, it redirects to Google's authorization server. You approve the specific read calendar permission. Google issues an access token — the app never sees your password.
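The calendar scenario above, sketched from the client's side as an added example (not code from this page or from Google): it builds the authorization request for the read-only Calendar scope and validates the redirect that comes back. It assumes the authorization code grant with PKCE, which this page does not name; `CLIENT_ID`, `REDIRECT_URI` and both function names are hypothetical.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Google's published authorization endpoint and read-only Calendar scope.
AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth"
CALENDAR_READONLY = "https://www.googleapis.com/auth/calendar.readonly"

# Placeholders (assumptions): values issued when the app is registered.
CLIENT_ID = "example-client-id.apps.googleusercontent.com"
REDIRECT_URI = "https://app.example.com/oauth/callback"


def build_authorization_request():
    """Return (url, state, code_verifier) for one authorization attempt."""
    state = secrets.token_urlsafe(32)          # binds the callback to this session
    code_verifier = secrets.token_urlsafe(64)  # PKCE secret, never sent in the URL
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    code_challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": CALENDAR_READONLY,            # only the permission the user approves
        "state": state,
        "code_challenge": code_challenge,
        "code_challenge_method": "S256",
    }
    return AUTH_ENDPOINT + "?" + urlencode(params), state, code_verifier


def handle_callback(callback_url, expected_state):
    """Validate the redirect and return the authorization code, or raise ValueError."""
    query = parse_qs(urlparse(callback_url).query)
    returned_state = query.get("state", [""])[0]
    # Constant-time comparison; a mismatch means the callback is not ours.
    if not hmac.compare_digest(returned_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    if "error" in query:                       # e.g. the user declined consent
        raise ValueError("authorization failed: " + query["error"][0])
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("callback carries no authorization code")
    return code
```

The returned code is then exchanged, together with `code_verifier`, at the token endpoint for the access token; the user's password never passes through the app.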