OAuth definition

Contributor(s): Stephanie Mann

OAuth (Open Authorization) is an open standard for token-based authentication and authorization on the Internet.

OAuth, which is pronounced "oh-auth," allows an end user's account information to be used by third-party services, such as Facebook, without exposing the user's password. OAuth acts as an intermediary on behalf of the end user, providing the service with an access token that authorizes specific account information to be shared. The process for obtaining the token is called a flow.

OAuth, which was first released in 2007, was conceived as an authentication method for the Twitter application program interface (API). In 2010, the IETF OAuth Working Group published OAuth 2.0. Like the original OAuth, OAuth 2.0 provides users with the ability to grant third-party access to web resources without sharing a password. Updated features available in OAuth 2.0 include new flows, simplified signatures and short-lived tokens with long-lived authorizations.
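The sketch below is an added example, not code from the original article or from any OAuth library. It is a simplified in-memory model (not the OAuth 2.0 wire protocol) of a scoped access token that expires quickly while a refresh token carries the long-lived authorization. All class and function names, the scope names and the 300-second lifetime are assumptions made for illustration.

```python
import secrets
import time

class AuthorizationServer:
    """Toy in-memory model (hypothetical names): holds passwords, issues tokens."""
    ACCESS_TTL = 300  # seconds; assumed lifetime of the short-lived access token

    def __init__(self, users):
        self._users = users   # username -> password; never handed to third parties
        self._access = {}     # access token -> (user, scopes, expiry)
        self._grants = {}     # refresh token -> (user, scopes): long-lived authorization

    def authorize(self, user, password, scopes, now=None):
        """The user logs in here, not at the third party, and approves scopes."""
        stored = self._users.get(user)
        if stored is None or not secrets.compare_digest(stored.encode(), password.encode()):
            raise PermissionError("bad credentials")
        refresh = secrets.token_urlsafe(32)
        self._grants[refresh] = (user, frozenset(scopes))
        return self.refresh(refresh, now), refresh

    def refresh(self, refresh_token, now=None):
        """Trade the long-lived grant for a new short-lived access token."""
        user, scopes = self._grants[refresh_token]  # KeyError once revoked
        token = secrets.token_urlsafe(32)
        now = time.time() if now is None else now
        self._access[token] = (user, scopes, now + self.ACCESS_TTL)
        return token

    def revoke(self, refresh_token):
        self._grants.pop(refresh_token, None)  # user withdraws the authorization

    def introspect(self, token, now=None):
        """Return (user, scopes) for a live token, else None."""
        entry = self._access.get(token)
        now = time.time() if now is None else now
        if entry is None or now >= entry[2]:
            return None
        return entry[0], entry[1]

def read_resource(server, token, needed_scope, now=None):
    """Resource-side check: the token must be live and cover the requested scope."""
    info = server.introspect(token, now)
    if info is None:
        return "401 invalid or expired token"
    user, scopes = info
    if needed_scope not in scopes:
        return "403 insufficient scope"
    return f"200 {needed_scope} for {user}"
```

The third-party service only ever holds the two tokens. Revoking the refresh token ends the authorization, and any access token already issued stops working on its own once its lifetime runs out.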


See also: OpenID, single sign-on

This was first published in June 2012
