OAuth has been a jargon for quite some time now and it is difficult for a beginner to learn it, not because OAuth is hard, but because of the confusing facts found about OAuth on the web. So I wrote this article to explain why and how OAuth is used in very simple terms. Using this blog one can easily understand the basic concept of Oauth 2.0. Getting Started with OAuth 2.0
OAuth has been a jargon for quite some time now and it is difficult for a beginner to learn it, not because OAuth is hard, but because of the confusing facts found about OAuth on the web. So I wrote this article to explain why and how OAuth is used in very simple terms.
Let’s start with the basics: OAuth stands for Open Authorization. It’s a process through which an application or website can access private data from another website. It provides applications the ability for “secure designated access.” For example, you can tell Google that it’s OK for abc.com to access your google account or contact without having to give abc.com your google password.
OAuth never share password data but instead uses authorization tokens to prove an identity between consumers and service providers. OAuth is an authentication protocol that allows you to approve one application interacting with another on your behalf without giving away your password.
What is 2FA Two-Factor Authentication (or 2FA as it often referred to) is an extra layer of security that is used to provide users an additional level of protection when securing access to an account.
Both practices refer to being able to do things on one’s own behalf, but there are distinctions between the two that I will break down.
OAuth 2.0 is filled with terminology hard to understand and understanding the basics and getting started is not easy. In this tutorial, Let's learn how to make the requests needed for an OAuth 2.0 authorization flow using Postman.
First, the differences between authentication and authorization will be explained. Secondly, OpenID Connect and OAuth2 will be introduced as solutions for centralized authentication and authorization for microservice architectures. Lastly, there will be two implementation choices explained for authorization.
OAuth is an open authorization protocol that allows consumer applications on Web platforms such as Twitter, GitHub, or others to access the resource owner’s resources. The IETF OAuth Working Group developed OAuth 2.0 in 2012.