What is Oauth (Open Autherization)

Shahrukh AhmadShahrukh Ahmad
2 min read

OAuth 2.0 is an authorization framework that allows a third-party application to access a user’s resources without exposing their password. It uses access tokens instead. The user authenticates with a trusted authorization server, grants permission, and the app receives an access token to access the user’s data securely.

Easy points to remember Oauth flow login with Google and Github.

How it works:

  1. User wants to login into new app

    Instead of creating new account, user clicks login with Google/Github

  2. App redirect user to Google authentication page

    The app doen’t ask for your password it sends you to google authentication page.

  3. User approve access

    you log into google (if not already logged in)

    you see a message Allow this app to access you name and email

  4. Google sends an authentication code

    After approval, Google sends a temporary code to the app

  5. App exchange code for access token

    The app sends a code to google’s Token endpoint, google responds with an Access Token.

  6. App uses token to fetch user data

    The app uses the token to ask google for your name, email etc.

  7. User is logged in

    app receives basics info and logs you in

    your password is never shared with the App

Fig: How OAuth works

Oauth lets you log into the apps uising your google or Github account without sharing your password it uses tokens to give safe, limited access.

0
Subscribe to my newsletter

Read articles from Shahrukh Ahmad directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Shahrukh Ahmad
Shahrukh Ahmad

Passionate about coding and the limitless possibilities of cloud technology. I thrive on turning ideas into scalable, efficient solutions. Let's connect and explore the exciting synergy between code and the cloud! 🤖 AI / ML🧠| 📊 - Data Science |Azure☁️AWS | Linux🐧| Windows🖥️| Python | JAVA | 🐳 Docker | Git | Gitlab | ⚓️Kubernetes | 🚀 Jenkins CI/CD | 🏗️ terraform | SQL.