OAuth 2.0 is an open standard for authorization. It lets an app access data without needing the user's confidential login information for each request. Version 2.0 works over HTTPS and uses access tokens to authorize devices, APIs, and servers.

There's an earlier version of OAuth, but it is not compatible with 2.0. Put simply, OAuth is a process in which:

  • An app requests access to a user account
  • The host service for the user account verifies the app
  • The app is granted an access token
  • The token is restricted to access only the user-authorized data 
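The four steps above, as an added example that is not part of the original page: a simplified in-memory model of the token grant and the scope check, not a real OAuth 2.0 library or a complete flow. The client id, secret, scope names and user data are constructed for illustration, and the function names are hypothetical.

```python
import hmac
import secrets

# Constructed sample data: one registered app and one user's data, keyed by scope.
CLIENTS = {
    "photo-printer": {
        "secret": "constructed-client-secret",
        "allowed_scopes": {"photos.read", "contacts.read"},
    }
}
USER_DATA = {
    "alice": {
        "photos.read": ["beach.jpg"],
        "contacts.read": ["bob"],
        "email.read": ["inbox"],
    }
}
TOKENS = {}  # access token -> grant record, held by the host service


def issue_token(client_id, client_secret, user, requested, user_approved):
    """Steps 1-3: the app requests access, the service verifies the app,
    and an access token is granted."""
    client = CLIENTS.get(client_id)
    # Constant-time comparison so the check does not leak the secret via timing.
    if client is None or not hmac.compare_digest(
        client["secret"].encode(), client_secret.encode()
    ):
        raise PermissionError("unknown or unauthenticated client")
    # Granted scope = requested by the app AND registered for it AND approved by the user.
    scopes = set(requested) & client["allowed_scopes"] & set(user_approved)
    if not scopes:
        raise PermissionError("no scope granted")
    token = secrets.token_urlsafe(32)  # opaque, unguessable bearer token
    TOKENS[token] = {"user": user, "scopes": scopes}
    return token


def read_resource(token, scope):
    """Step 4: the token only reaches data the user authorized.
    The user's password is never presented here."""
    grant = TOKENS.get(token)
    if grant is None:
        raise PermissionError("invalid token")
    if scope not in grant["scopes"]:
        raise PermissionError("token not authorized for " + scope)
    return USER_DATA[grant["user"]][scope]
```

A token issued for `photos.read` alone is rejected when used for `contacts.read`, even though the app is registered for that scope and the user would have approved it.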
