What is OAuth?
OAuth 2.0 is an authorization framework that lets a user grant an application limited access to their resources on another service without handing over their password. Combined with OpenID Connect it is what powers "Sign in with Google/GitHub"; on its own it powers third-party access to your accounts, such as a calendar app reading your events or a CI service pushing to your repositories.
The app receives an access token limited to the scopes the user approved, usable only until it expires or the user revokes the grant. The token is a bearer credential: whoever holds it can use it, so it must be sent only over TLS and kept out of logs and URLs. OpenID Connect builds authentication on top of OAuth by adding an ID token that tells the app who the user is.
Key points
- Grants scoped, revocable access without sharing passwords.
- The app receives an access token, not your credentials.
- Scopes limit what the token is allowed to do.
- OpenID Connect adds authentication (login) on top of OAuth.
Example
The HTTP header an app sends to the resource API, carrying its access token as a bearer token (token value truncated):
Authorization: Bearer ya29.A0Af...<access-token>
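The following is an added example, not code from the original page, showing both halves of an OAuth 2.0 authorization code grant in working Python: the client builds the authorization request with a state value and PKCE, checks the redirect back, and prepares the token exchange; the resource server then checks the bearer token's validity, expiry and scope on each API call, the way the Authorization header above would be checked. The endpoints, client_id, authorization code and the token store are constructed placeholders.

```python
"""OAuth 2.0 authorization code grant with PKCE (RFC 7636), client side and
resource-server side. Added example, not code from the original page;
endpoints, client_id, the code and TOKEN_STORE are constructed placeholders."""
import base64
import hashlib
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse


def _b64url(data: bytes) -> str:
    # base64url without '=' padding, the encoding PKCE requires.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def query_params(url: str) -> dict:
    # First value of every query parameter, e.g. {"state": "...", "code": "..."}.
    return {k: v[0] for k, v in parse_qs(urlparse(url).query).items()}


def build_authorization_url(auth_endpoint, client_id, redirect_uri, scopes):
    """Return (url, state, code_verifier) for the browser redirect.

    state ties the later callback to this session (CSRF defence).
    code_verifier stays with the client; only its SHA-256 (S256) challenge is
    sent, so a code stolen from the redirect cannot be exchanged without it."""
    state = secrets.token_urlsafe(32)
    code_verifier = secrets.token_urlsafe(64)  # 86 chars, within RFC 7636's 43..128
    challenge = _b64url(hashlib.sha256(code_verifier.encode("ascii")).digest())
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": " ".join(scopes),
        "state": state,
        "code_challenge": challenge,
        "code_challenge_method": "S256",
    }
    return f"{auth_endpoint}?{urlencode(params)}", state, code_verifier


def parse_callback(callback_url, expected_state):
    """Extract the authorization code from the redirect back to the client.
    Raises ValueError if the server reported an error or state does not match."""
    qs = query_params(callback_url)
    if "error" in qs:
        raise ValueError(f"authorization failed: {qs['error']}")
    if not secrets.compare_digest(qs.get("state", "").encode(), expected_state.encode()):
        raise ValueError("state mismatch: possible CSRF or replayed callback")
    return qs["code"]


def token_request_body(code, redirect_uri, client_id, code_verifier):
    """Form fields the client POSTs (over TLS) to the token endpoint to swap
    the short-lived code for an access token."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "code_verifier": code_verifier,
    }


def verify_pkce(code_verifier, code_challenge):
    """Authorization-server side of PKCE: recompute S256(verifier) and compare
    in constant time with the challenge stored when the code was issued."""
    expected = _b64url(hashlib.sha256(code_verifier.encode("ascii")).digest())
    return secrets.compare_digest(expected, code_challenge)


# Constructed token store standing in for what the authorization server knows
# about the opaque tokens it issued; a real resource server would call the
# token introspection endpoint or validate a signed JWT instead.
TOKEN_STORE = {
    "ya29.A0Af-constructed": {"sub": "user-1", "scope": {"calendar.read"},
                              "exp": 2_000_000_000},
}


def authorize_request(authorization_header, required_scope, now=None,
                      store=TOKEN_STORE):
    """Resource-server check of an 'Authorization: Bearer <token>' header.
    Returns the token's subject when the token is known, unexpired and carries
    required_scope; returns None (reject with 401/403) otherwise."""
    if not authorization_header:
        return None
    scheme, _, token = authorization_header.partition(" ")
    if scheme.lower() != "bearer" or not token:
        return None
    entry = store.get(token.strip())
    if entry is None:
        return None
    if (now if now is not None else time.time()) >= entry["exp"]:
        return None  # expired: the grant has lapsed
    if required_scope not in entry["scope"]:
        return None  # valid token, but not scoped for this action
    return entry["sub"]


if __name__ == "__main__":
    url, state, verifier = build_authorization_url(
        "https://auth.example.com/authorize", "demo-client",
        "https://app.example.com/callback", ["calendar.read"])
    print(url)
    # Simulated redirect back from the authorization server (constructed code).
    code = parse_callback(
        f"https://app.example.com/callback?code=constructed-code&state={state}", state)
    print(token_request_body(code, "https://app.example.com/callback",
                             "demo-client", verifier))
    print(authorize_request("Bearer ya29.A0Af-constructed", "calendar.read"))
```

The scope check is the part most often skipped in practice: a token that is valid and unexpired is still rejected by authorize_request when it was issued for a different scope, which is exactly what keeps a "read my calendar" grant from turning into write access elsewhere.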
Common uses
- "Sign in with Google/GitHub/Apple"
- Granting apps access to your data (calendar, repos)
- API authorization with scoped tokens
- Single sign-on via OpenID Connect