7. What Is OAuth?
• Open Authorization
• Authorization protocol
- To allow 3rd party apps to access data on your behalf
- Without revealing the password
- Sometime even without presence of the user
• A framework to allow secure API access
8. Why do we need OAuth?
• To allow 3rd party apps to access data on your behalf without
revealing password
• Sharing Password is a bad thing
• Provide Restricted Access, i.e. allow access to selected
resources
• Revoke access without changing password
9. Steps
• Generate Access Token (Session Id) using
OAuth Flow
• Make API calls using Access Token
10. OAuth Is…
“a process of generating Access Token, without
revealing the password”