What problem does OAuth2.0 solve?

OAuth2.0 enables third-party client applications to gain delegated access to an end user’s data and actions without the end user having to share their credentials with the third-party client application.

Terminology

  1. Client Application - The third-party application that wants to consume the resources exposed by a resource server or a group of them.
  2. Resource Server - The server whose resources are being exposed and need to be protected.
  3. Resource Owner - The owner of a particular resource in the resource server. This is also known as the end user.
  4. Authorization Server - The server that protects the resources of the resource owner and facilitates the delegation of access to the client application.