OAuth

Overview

Direct Answer

OAuth is an open standard protocol that enables secure delegation of user authentication and authorisation without sharing passwords. It allows users to grant third-party applications access to their resources on other platforms through the use of access tokens rather than credentials.

How It Works

The protocol operates through a token exchange mechanism where a user redirects to an authorisation server, authenticates, and approves access scopes for a requesting application. The server issues time-limited access tokens that the third-party application uses to interact with protected resources on behalf of the user, without ever handling the user's password.

Why It Matters

OAuth reduces security risk by eliminating password sharing, strengthens compliance with data protection regulations through granular permission controls, and accelerates user onboarding by enabling single sign-on across multiple services. Organisations benefit from reduced support costs and improved user experience when managing federated identity systems.

Common Applications

OAuth is widely deployed in social login implementations, enterprise identity management systems, mobile application authentication, and API authorisation frameworks. Real-world instances include user account integration with third-party applications, cross-platform service authorisation, and cloud resource access management.

Key Considerations

Organisations must carefully scope permissions to minimise exposure if tokens are compromised, and manage token lifecycle through refresh mechanisms to balance security with usability. Implementation complexity varies significantly across different OAuth flows, requiring selection appropriate to the application architecture and threat model.

Cross-References(1)

Blockchain & DLT

Token

Related in Strategy & Economics

Multi-Cloud

A strategy using services from multiple cloud providers to avoid vendor lock-in and optimise capabilities.

Hybrid Cloud

An IT architecture combining on-premises infrastructure with public and private cloud services.

Cloud Security

The set of policies, technologies, and controls deployed to protect cloud-based systems, data, and infrastructure.

Identity and Access Management

A framework for managing digital identities and controlling user access to resources and systems.

Single Sign-On

An authentication scheme allowing users to log in once and gain access to multiple related systems.

Cloud Database

A database service built, deployed, and accessed through a cloud platform, offering scalability and managed operations.

Reserved Instance

A cloud pricing model where users commit to a specific resource configuration for a term in exchange for discounted rates.

Cloud Governance

The policies, procedures, and tools for managing cloud resource usage, security, compliance, and costs.

Multi-Tenancy

A software architecture where a single instance serves multiple customers, with each tenant's data isolated and invisible to others.

Cloud Bursting

A configuration where an application runs in a private cloud and bursts into a public cloud when demand spikes.

Cloud-Native Database

A database designed from the ground up to operate in cloud environments with automatic scaling and high availability.

Serverless Database

A database service that automatically provisions, scales, and manages infrastructure on demand without manual server management.

More in Cloud Computing

Object Storage

Infrastructure

A data storage architecture managing data as objects rather than file hierarchies or block addresses.

GPU Cloud Computing

Service Models

Cloud infrastructure providing on-demand access to graphics processing units optimised for AI training and inference, enabling organisations to scale compute without capital investment.

Virtual Machine

Infrastructure

A software emulation of a physical computer that runs an operating system and applications independently.

Message Queue

Architecture Patterns

A communication method where messages are stored in a queue until the receiving application can process them.

Block Storage

Infrastructure

A data storage technology that manages data as individual blocks, each acting as an independent hard drive.

Cloud Computing

Service Models

The delivery of computing services — servers, storage, databases, networking, software — over the internet on demand.

Cloud Migration

Deployment & Operations

The process of moving data, applications, and workloads from on-premises infrastructure to cloud environments.

Infrastructure as a Service

Service Models

Cloud computing model providing virtualised computing resources like servers, storage, and networking over the internet.

Overview

Direct Answer

How It Works

Why It Matters

Common Applications

Key Considerations

Cross-References(1)

Related in Strategy & Economics

Multi-Cloud

Hybrid Cloud

Cloud Security

Identity and Access Management

Single Sign-On

Cloud Database

Reserved Instance

Cloud Governance

Multi-Tenancy

Cloud Bursting

Cloud-Native Database

Serverless Database

More in Cloud Computing

Object Storage

GPU Cloud Computing

Virtual Machine

Message Queue

Block Storage

Cloud Computing

Cloud Migration

Infrastructure as a Service

See Also

Token