OAuth 2.0

OAuth 2.0 allows users to grant applications secure, limited access to their data without sharing their passwords.

Allow users to grant access to their applications.

OAuth 2.0 is an industry-standard protocol that enables secure, delegated access to APIs without requiring users to share their passwords with applications. Instead of handing over credentials, a user authorizes a trusted identity provider—such as Google, Microsoft, or an enterprise login system—to issue short-lived access tokens to a client application. These tokens define who is allowed to access what and for how long. By separating authentication (verifying identity) from authorization (granting specific permissions), OAuth 2.0 provides a flexible, scalable way for web, mobile, and server applications to safely interact with protected resources while maintaining strong security and user control.

License: Simplified BSD License

Tags: Authentication, Authorization, Security

Properties: Client Id, Client Secret, Redirect Uri, Scope, Response Type, Grant Type, Code, State, Access Token, Refresh Token, Token Type, Expires In

Website: https://oauth.net/2/

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified January 2, 2026: update (871c07bef)