For MediaWiki's (the software used by Wikipedia) OAuth support, see mw:Help:OAuth
This article has multiple issues. Please help improve it or discuss these issues on the talk page. (Learn how and when to remove these template messages)
Some of this article's listed sources may not be reliable. Please help improve this article by looking for better, more reliable sources. Unreliable citations may be challenged and removed.(November 2023) (Learn how and when to remove this template message)
This article relies excessively on references to primary sources. Please improve this article by adding secondary or tertiary sources. Find sources: "OAuth" – news · newspapers · books · scholar · JSTOR(November 2023) (Learn how and when to remove this template message)
(Learn how and when to remove this template message)
Unofficial logo designed by Chris Messina
Latest version
2.0
Organization
Internet Engineering Task Force
Website
"The OAuth 2.0 Authorization Framework".
OAuth (short for "Open Authorization"[1][2]) is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords.[3][4] This mechanism is used by companies such as Amazon,[5] Google, Meta Platforms, Microsoft, and Twitter to permit users to share information about their accounts with third-party applications or websites.
Generally, the OAuth protocol provides a way for resource owners to provide a client [application] with secure delegated access to server resources. It specifies a process for resource owners to authorize third-party access to their server resources without providing credentials. Designed specifically to work with Hypertext Transfer Protocol (HTTP), OAuth essentially allows access tokens to be issued to third-party clients by an authorization server, with the approval of the resource owner. The third party then uses the access token to access the protected resources hosted by the resource server.[2]
^ abHardt, Dick (October 2012). Hardt, D (ed.). "RFC6749 - The OAuth 2.0 Authorization Framework". Internet Engineering Task Force. doi:10.17487/RFC6749. Archived from the original on 15 October 2012. Retrieved 10 October 2012. {{cite journal}}: Cite journal requires |journal= (help)
^Whitson, Gordon. "Understanding OAuth: What Happens When You Log Into a Site with Google, Twitter, or Facebook". Lifehacker. Archived from the original on 24 April 2014. Retrieved 15 May 2016.
OAuth (short for "Open Authorization") is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications...
List of notable OAuth service providers. List of single sign-on implementations Hotmail, Windows Live, Messenger, Entra ID (formally Azure Active Directory)...
while OAuth facilitates the authorization of one site to access and use information related to the user's account on another site. Although OAuth is not...
used for automation purposes. Heroku confirmed that the attack accessed OAuth bearer tokens used for integration with GitHub and salted and hashed customer...
build of Keycloak. Keycloak supports various protocols such as OpenID, OAuth version 2.0 and SAML and provides features such as user management, two-factor...
an identity layer on top of OAuth. In the domain model associated with OIDC, an identity provider is a special type of OAuth 2.0 authorization server. Specifically...
at any time. Live Connect is built on standard web technologies such as OAuth 2.0, Representational State Transfer (REST), and JavaScript Object Notation...
When it was introduced in 2012, it provided access to the Google+ APIs and OAuth 2.0. It expanded to cover a variety of Google services, allowing applications...
developer community. In 2010, Twitter mandated that all developers adopt OAuth authentication with just 9 weeks of notice. Later that year, Twitter launched...
the APIs requires authentication and authorization using the Oauth 2.0 protocol. Oauth 2.0 is a simple protocol. To start, it is necessary to obtain...
subsequently became part of OpenID Authentication 2.0. In early 2008, work on OAuth discovery by Eran Hammer-Lahav led to the development of XRDS Simple, a...
policies. OAuth 2.0 is considered to be an authorization standard. It differs from XACML though in its origin, its purpose, and its applications. OAuth is about:...
by Microsoft for MSN Chat OAUTHBEARER OAuth 2.0 bearer tokens (RFC 6750), communicated through TLS OAUTH10A OAuth 1.0a message-authentication-code tokens...
authentication) MD5 CRAM-MD5 OAUTH10A (OAuth 1.0a HMAC-SHA1 tokens as defined in RFC 5849) OAUTHBEARER (OAuth 2.0 bearer tokens as defined in RFC 6750)...
authenticated, supporting a number of Google-proprietary mechanisms as well as OAuth. Managing data - Create and delete objects such as tables, views, and user...
accessibility of the application. This can be accomplished with standards like OAuth and OpenID. To prevent loss of content from browser crashes and the like...
authentication service. User-delegated tokens: These are tokens such as OAuth which are granted based on user authentication. Policy & attribute-based...
and authorization: Implementing robust authentication mechanisms, such as OAuth or JSON Web Tokens (JWT), ensures that only authorized users can access...
scalability up to 500 concurrent users, PDF generation on server and WebDirect, OAuth 2.0 support (Amazon, Google, Microsoft) at the Security layer FileMaker...