OAuth (Open Authorization)
Definition
An open standard authorization protocol that lets users grant third-party applications limited access to their accounts without sharing passwords directly.
OAuth enables users to authorize applications to act on their behalf without revealing their credentials. When you click Sign in with Google on a third-party website, OAuth manages the flow: you authenticate directly with Google, which then issues a limited-scope access token to the requesting application, never exposing your actual password.
OAuth 2.0, the current standard, defines several authorization flows for different use cases. The authorization code flow is used for server-side web applications, the implicit flow for single-page apps, the client credentials flow for machine-to-machine communication, and the device code flow for devices with limited input capabilities like smart TVs.
OAuth solves the critical security problem of password sharing. Before OAuth, users had to give their actual username and password to third-party services that wanted to access their data. OAuth tokens can be scoped to specific permissions, set to expire, and revoked individually without changing the user's password, providing granular access control and improved security.
No spam. Unsubscribe anytime.
Related Calculators
Related Terms
JWT (JSON Web Token)
techA compact, self-contained token format used for securely transmitting claims between parties as a digitally signed JSON object for authentication.
SSL/TLS (Secure Sockets Layer / Transport Layer Security)
techCryptographic protocols that provide secure communication over computer networks, encrypting data between a web server and browser.
API (Application Programming Interface)
techA set of rules and protocols that allows different software applications to communicate with each other and share data or functionality.
Encryption
techThe process of converting readable data (plaintext) into an unreadable format (ciphertext) using an algorithm and key, protecting it from unauthorized access.
Related Articles
JSON Formatting Best Practices: Write Clean, Valid JSON
Master JSON formatting with best practices for syntax, nesting, and validation. Learn common errors, debugging tips, and how to write clean JSON data.
Regex Cheat Sheet: Essential Patterns Every Developer Needs
A practical regex reference guide with common patterns for emails, URLs, phone numbers, and more. Includes syntax explanations and real-world examples.
How to Generate Secure Passwords: Best Practices for 2026
Learn how to create strong, secure passwords that protect your accounts. Covers password length, complexity, managers, and multi-factor authentication.
Guide to QR Codes: How They Work, Types & Best Uses
Learn how QR codes work, the different types available, and best practices for creating and using them in marketing, payments, and information sharing.