OAuth is an open standard authorization protocol that allows applications to provide client applications with secure delegated access. It works over HTTPS and uses access tokens instead of credentials. This mechanism allows apps to share assets among users without sharing the actual credentials.
A simple example is a car's valet key, which allows a valet to temporarily drive and park the car but does not grant them full access to the trunk or glove box. Another common example is Facebook, where you can access different apps within Facebook; Facebook acts as the service provider, which allows the apps (the consumers) to access your photos or information.
OAuth is about authorization and not authentication. Authorization gives permission to apps to access resources after successful authentication. Authorization deals with getting permission to perform certain tasks whereas authentication is a way to prove one’s identity to access the requested resources.
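The valet-key idea and the authorization/authentication split can be seen in a small in-memory model, added here as an illustration and not taken from any OAuth library. The names `issue_token`, `access`, the `photos.read` and `profile.read` scopes and all sample data are constructed for this example.

```python
import hmac
import secrets
import time

# Constructed sample data held by the service provider.
USERS = {"alice": "s3cret-passphrase"}           # credentials never leave the provider
PHOTOS = {"alice": ["beach.jpg", "cat.jpg"]}
PROFILE = {"alice": {"email": "alice@example.test"}}
TOKENS = {}                                      # access token -> grant record


def issue_token(username, password, client_id, scopes, ttl=3600, now=None):
    """Authentication happens here, once, between the user and the provider."""
    expected = USERS.get(username, "").encode()
    if not expected or not hmac.compare_digest(expected, password.encode()):
        raise PermissionError("authentication failed")
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)            # opaque, unguessable, not a password
    TOKENS[token] = {"user": username, "client": client_id,
                     "scopes": frozenset(scopes), "expires_at": now + ttl}
    return token


def access(token, scope_needed, resource, now=None):
    """Authorization happens here, on every request the client makes."""
    now = time.time() if now is None else now
    grant = TOKENS.get(token)
    if grant is None or now >= grant["expires_at"]:
        return 401, None                         # unknown or expired token
    if scope_needed not in grant["scopes"]:
        return 403, None                         # valid token, permission not delegated
    return 200, resource[grant["user"]]


if __name__ == "__main__":
    t = issue_token("alice", "s3cret-passphrase", "photo-printer", {"photos.read"}, ttl=60)
    print(access(t, "photos.read", PHOTOS))      # photos were delegated
    print(access(t, "profile.read", PROFILE))    # profile was not
```

The client app only ever holds the token, so a leaked token exposes the delegated scope until it expires, not the user's password or the rest of the account.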