OAuth 2.0 is an authorization framework that enables a third-party application to obtain limited access to an HTTP service on behalf of a resource owner. It provides authorization flows for web and desktop applications, mobile phones, and living room devices. The key roles in OAuth 2.0 are the resource owner, resource server, client, and authorization server. The four core authorization flows are authorization code, implicit, resource owner password credentials, and client credentials. OAuth 2.0 aims to address issues with the traditional client-server authentication model such as storing user credentials, inability to revoke access, and unlimited access provided by passwords.