What is OAuth?

by Iwan Price-Evans on Security • June 1, 2022

OAuth is an acronym for Open Authentication Toolkit. It was developed as a way to make sharing user data across different websites more secure. It allows developers to create apps that use other people’s accounts without asking for explicit permissions. This makes it easier for users to sign in to multiple sites at once.

Why Should I Care About OAuth?

If you use social media platforms such as Facebook, Twitter, LinkedIn, Google+, Instagram, etc., you probably use OAuth to log in to these services. This allows you to share your personal information with other sites without having to retype your username and password every time.

The OAuth 2.0 Protocol

OAuth 2.0 is an open standard protocol developed by the OpenID Foundation to provide a simple method for authorizing web servers to obtain limited access to protected resources within a user's account on another website.

How Does OAuth Work?

OAuth allows developers to build applications that use APIs provided by other sites. It provides a secure way for these applications to request access to the API without exposing the application itself to the site being accessed.

OAuth uses HTTP headers to exchange authentication tokens between two parties. These tokens are then used to authenticate requests made by one service to another.
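The header-based token check described above, seen from the side of the service that receives the request. This is an added example, not code from the original page. It assumes the token travels in the `Authorization` header using the `Bearer` scheme (RFC 6750); the token table `ISSUED`, the function `authorize`, the sample tokens and the scope names are all constructed for illustration.

```python
import hashlib
import re
import time

# RFC 6750 b64token syntax for the credential that follows the "Bearer" scheme.
_BEARER = re.compile(r"Bearer +([A-Za-z0-9\-._~+/]+=*)", re.IGNORECASE)

def _digest(token):
    # Tokens are stored and looked up by hash, so a leaked table holds no usable tokens.
    return hashlib.sha256(token.encode()).hexdigest()

# Constructed sample table (hypothetical): digest -> (granted scopes, expiry as Unix time).
ISSUED = {
    _digest("sample-token-read"): ({"profile:read"}, 2_000_000_000),
    _digest("sample-token-old"): ({"profile:read", "posts:write"}, 1_000_000_000),
}

def authorize(headers, required_scope, now=None):
    """Return (status, reason) for a request to a protected resource."""
    now = time.time() if now is None else now
    # HTTP header names are case-insensitive; more than one value is ambiguous, so reject.
    values = [v for k, v in headers if k.lower() == "authorization"]
    if len(values) != 1:
        return 401, "missing or duplicated Authorization header"
    match = _BEARER.fullmatch(values[0].strip())
    if not match:
        return 401, "not a well-formed Bearer credential"
    record = ISSUED.get(_digest(match.group(1)))
    if record is None:
        return 401, "unknown token"
    scopes, expires_at = record
    if now >= expires_at:
        return 401, "token expired"
    # A valid token only grants the limited access it was issued for.
    if required_scope not in scopes:
        return 403, "token lacks required scope"
    return 200, "ok"
```

A 401 means the token itself was not accepted; a 403 means the token is valid but was not granted the scope the request needs.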