What is OAuth (Open Authorization)

OAuth 2.0 is an authorization framework that allows a third-party application to access a user’s resources without exposing their password. It uses access tokens instead. The user authenticates with a trusted authorization server, grants permission, and the app receives an access token to access the user’s data securely.
An easy way to remember the OAuth flow: "Login with Google" or "Login with GitHub".

How it works:

1. User wants to log in to a new app
   Instead of creating a new account, the user clicks "Login with Google/GitHub".
2. App redirects the user to the Google authentication page
   The app doesn't ask for your password; it sends you to the Google authentication page.
3. User approves access
   You log in to Google (if not already logged in).
   You see a message: "Allow this app to access your name and email".
4. Google sends an authentication code
   After approval, Google sends a temporary code to the app.
5. App exchanges the code for an access token
   The app sends the code to Google's token endpoint, and Google responds with an access token.
6. App uses the token to fetch user data
   The app uses the token to ask Google for your name, email, etc.
7. User is logged in
   The app receives basic info and logs you in.
   Your password is never shared with the app.

OAuth lets you log in to apps using your Google or GitHub account without sharing your password. It uses tokens to give safe, limited access.
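
As an added example (not code from the original post), here is how an app can build the redirect to the provider and validate the callback before exchanging the temporary code for an access token. It goes beyond the steps above by including the state check from RFC 6749 and PKCE from RFC 7636; the endpoint, client ID, redirect URI and scope names are placeholder assumptions, not real provider settings.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Assumed placeholder values for illustration, not real provider settings.
AUTHORIZE_URL = "https://auth.example.com/authorize"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example.com/callback"

def start_login():
    """Build the redirect URL and the values the app keeps in the user's session."""
    state = secrets.token_urlsafe(16)      # ties the callback to this browser session
    verifier = secrets.token_urlsafe(48)   # PKCE secret, sent only in the token request
    challenge = base64.urlsafe_b64encode(
        hashlib.sha256(verifier.encode()).digest()).rstrip(b"=").decode()
    query = urlencode({
        "response_type": "code", "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI, "scope": "profile email",
        "state": state, "code_challenge": challenge,
        "code_challenge_method": "S256",
    })
    return f"{AUTHORIZE_URL}?{query}", {"state": state, "verifier": verifier}

def handle_callback(callback_url, session):
    """Validate the provider's callback and return the token request body."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError("provider returned an error: " + params["error"][0])
    returned = params.get("state", [""])[0]
    # Reject callbacks that were not started by this session (login CSRF).
    if not hmac.compare_digest(returned.encode(), session["state"].encode()):
        raise ValueError("state mismatch: callback does not belong to this login")
    if "code" not in params:
        raise ValueError("callback carries no code")
    # Form body for the POST to the token endpoint; a confidential client
    # would also authenticate itself with its client secret.
    return {
        "grant_type": "authorization_code", "code": params["code"][0],
        "redirect_uri": REDIRECT_URI, "client_id": CLIENT_ID,
        "code_verifier": session["verifier"],
    }
```

The returned dictionary is what the app would POST to the provider's token endpoint; the access token in the response stays on the server side and is never shown to the browser.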
Written by

Shahrukh Ahmad