veda.ng

OAuth is an authorization framework that lets third-party applications access a user's resources on another service without the user sharing a password. When you click 'Sign in with Google' on a website, OAuth is handling the authorization flow: the user approves access, Google issues a token, and the website uses that token to access the authorized resources.

OAuth 2.0 is the current standard. It separates authentication from authorization through a series of redirects and token exchanges. The resource owner (the user) authorizes a client application to access their resources on a resource server, mediated by an authorization server. Tokens are scoped: an application can request 'read your email' without also getting 'send email on your behalf.' Users can revoke access at any time without changing their password.

The security model protects both users and applications. Users never expose credentials to third parties, and applications never store passwords they would have to protect. The risk surface is the token itself: a stolen token can impersonate the user until it expires or is revoked. OAuth is foundational to modern web architecture; nearly every login system, API integration, and third-party application uses it.
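The roles and checks described above, as an added example that is not code from veda.ng or from any OAuth provider. It is a toy in-memory model of the authorization-code flow: an authorization server that issues single-use codes and scoped, expiring access tokens, and a resource server that accepts any bearer of a valid token but only for the scopes it carries. The class names, scope strings (`email.read`, `email.send`), client registration, lifetimes and the constructed clock are all assumptions made for the illustration; a real deployment would use HTTPS redirects and a provider's own endpoints and identifiers.

```python
"""Toy model of the OAuth 2.0 authorization-code flow (added example, not veda.ng code).
Roles, scope names, client registration, lifetimes and stores are all constructed here."""
import secrets

READ_EMAIL = "email.read"   # constructed scope names; real providers define their own
SEND_EMAIL = "email.send"


class AuthorizationServer:
    """Issues single-use authorization codes and scoped, expiring access tokens."""

    def __init__(self, clock, code_ttl=60, token_ttl=3600):
        self.clock, self.code_ttl, self.token_ttl = clock, code_ttl, token_ttl
        self.clients = {}  # client_id -> (client_secret, redirect_uri)
        self.codes = {}    # code -> (client_id, redirect_uri, user, scopes, expires_at)
        self.tokens = {}   # access_token -> (user, scopes, expires_at)

    def register_client(self, client_id, client_secret, redirect_uri):
        self.clients[client_id] = (client_secret, redirect_uri)

    def authorize(self, client_id, redirect_uri, user, requested, approved):
        """Redirect 1: the resource owner approves some or all requested scopes.
        Returns the code the server would send back to the registered redirect_uri."""
        reg = self.clients.get(client_id)
        if reg is None or reg[1] != redirect_uri:
            raise PermissionError("unknown client or redirect_uri mismatch")
        granted = frozenset(requested) & frozenset(approved)  # the user may grant less than asked
        code = secrets.token_urlsafe(32)
        self.codes[code] = (client_id, redirect_uri, user, granted, self.clock() + self.code_ttl)
        return code

    def exchange_code(self, code, client_id, client_secret, redirect_uri):
        """Token exchange: the client redeems the code, once, for an access token."""
        entry = self.codes.pop(code, None)  # pop makes every code single-use
        if entry is None:
            raise PermissionError("invalid or already-used code")
        c_id, c_uri, user, scopes, expires_at = entry
        reg = self.clients.get(client_id)
        if reg is None or reg[0] != client_secret or (c_id, c_uri) != (client_id, redirect_uri):
            raise PermissionError("code was not issued to this client and redirect_uri")
        if self.clock() > expires_at:
            raise PermissionError("authorization code expired")
        token = secrets.token_urlsafe(32)
        self.tokens[token] = (user, scopes, self.clock() + self.token_ttl)
        return {"access_token": token, "scope": " ".join(sorted(scopes))}

    def introspect(self, token):
        """Resource-server lookup; None means unknown, revoked or expired."""
        entry = self.tokens.get(token)
        if entry is None or self.clock() > entry[2]:
            return None
        return {"user": entry[0], "scopes": entry[1]}

    def revoke(self, token):
        """The user withdraws access; no password changes."""
        self.tokens.pop(token, None)


class ResourceServer:
    """Accepts any bearer of a valid token, but only for the scopes the token carries."""

    def __init__(self, auth):
        self.auth = auth

    def _user_for(self, token, scope):
        info = self.auth.introspect(token)
        if info is None:
            raise PermissionError("token invalid, expired or revoked")
        if scope not in info["scopes"]:
            raise PermissionError(f"token lacks scope {scope}")
        return info["user"]

    def read_inbox(self, token):
        return f"inbox of {self._user_for(token, READ_EMAIL)}"

    def send_mail(self, token, body):
        return f"sent as {self._user_for(token, SEND_EMAIL)}: {body}"


def run_flow():
    """Walks one flow with a constructed clock and records what each check decided."""
    clock = [1_700_000_000.0]  # constructed epoch time, advanced by hand below
    auth = AuthorizationServer(lambda: clock[0])
    api = ResourceServer(auth)
    uri, secret = "https://webapp.example/callback", "s3cret-constructed"
    auth.register_client("webapp", secret, uri)

    def attempt(fn):
        try:
            return fn()
        except PermissionError as e:
            return f"denied: {e}"

    # The client requests read and send; the user approves only read.
    code = auth.authorize("webapp", uri, "alice", [READ_EMAIL, SEND_EMAIL], [READ_EMAIL])
    grant = auth.exchange_code(code, "webapp", secret, uri)
    tok = grant["access_token"]
    # Whoever presents tok is "alice" to the API until expiry or revocation: the token is the risk surface.
    out = {"granted_scope": grant["scope"], "read": api.read_inbox(tok)}
    out["code_reuse"] = attempt(lambda: auth.exchange_code(code, "webapp", secret, uri))
    out["send"] = attempt(lambda: api.send_mail(tok, "hello"))
    auth.revoke(tok)
    out["after_revoke"] = attempt(lambda: api.read_inbox(tok))
    # A second, untouched grant still stops working once its lifetime runs out.
    code2 = auth.authorize("webapp", uri, "alice", [READ_EMAIL], [READ_EMAIL])
    tok2 = auth.exchange_code(code2, "webapp", secret, uri)["access_token"]
    clock[0] += 3601
    out["after_expiry"] = attempt(lambda: api.read_inbox(tok2))
    return out


if __name__ == "__main__":
    for key, value in run_flow().items():
        print(f"{key}: {value}")
```

Running `run_flow()` shows the four properties the text names: the granted scope is narrower than the request, the read-scoped token cannot send mail, revocation and expiry both cut the token off, and the authorization code cannot be redeemed twice. The resource server never sees a password; it only asks the authorization server whether the presented token is live and what it is allowed to do.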