OAuth2.0

OAuth 2.0

What is OAuth 2.0?

OAuth is an open authorization protocol, which allows accessing the resources of the resource owner by enabling the client applications on HTTP services such as Facebook, GitHub, etc. It allows sharing of resources stored on one site to another site without using their credentials. It uses username and password tokens instead. OAuth 2.0 is developed by the IETF OAuth Working Group, published in October 2012.

Why Use OAuth 2.0?

You can use OAuth 2.0 to read data of a user from another application,it supplies the authorization workflow for web, desktop applications, and mobile devices also  It is a server side web app that uses authorization code and does not interact with user credentials.

Features of OAuth 2.0

OAuth 2.0 is a simple protocol that allows to access resources of the user without sharing passwords and it provides user agent flows for running clients application using a scripting language, such as JavaScript. Typically, a browser is a user agent also it accesses the data using tokens instead of using their credentials and stores data in online file system of the user such as Google Docs or Dropbox account.

Advantages of OAuth 2.0

OAuth 2.0 is a very flexible protocol that relies on Transport Layer Security (TLS) to save user access token

OAuth 2.0 relies on TLS which is used to ensure cryptography industry protocols and are being used to keep the data safe it allows limited access to the user’s data and allows accessing when authorization tokens expire and It has ability to share data for users without having to release personal information. 

OAuth 2.0 It is easier to implement and provides stronger authentication.

Disadvantages of OAuth 2.0

If you are adding more extension at the ends in the specification, it will produce a wide range of non-interoperable implementations, which means you have to write separate pieces of code for Facebook, Google, etc.

If your favorite sites are connected to the central hub and the central account is hacked, then it will lead to serious effects across several sites instead of just one. For information about OAuth 2.0 diagram and some various concepts.

About zelmanti

GHM Notes is my personal blog, where I share about technologies ,framework I used, the books I'm reading, and what I'm learning. I hope that you'll join the conversation.