Overview
Direct Answer
OAuth is an open standard protocol that enables secure delegation of user authentication and authorisation without sharing passwords. It allows users to grant third-party applications access to their resources on other platforms through the use of access tokens rather than credentials.
How It Works
The protocol operates through a token exchange mechanism in which the user is redirected to an authorisation server, authenticates, and approves access scopes for a requesting application. The server issues time-limited access tokens that the third-party application uses to interact with protected resources on behalf of the user, without ever handling the user's password.
Why It Matters
OAuth reduces security risk by eliminating password sharing, strengthens compliance with data protection regulations through granular permission controls, and accelerates user onboarding by enabling single sign-on across multiple services. Organisations benefit from reduced support costs and improved user experience when managing federated identity systems.
Common Applications
OAuth is widely deployed in social login implementations, enterprise identity management systems, mobile application authentication, and API authorisation frameworks. Real-world instances include user account integration with third-party applications, cross-platform service authorisation, and cloud resource access management.
Key Considerations
Organisations must carefully scope permissions to minimise exposure if tokens are compromised, and manage token lifecycle through refresh mechanisms to balance security with usability. Implementation complexity varies significantly across different OAuth flows, so the flow selected must be appropriate to the application architecture and threat model.
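The token exchange under How It Works and the scoping and expiry points under Key Considerations can be seen together in the sketch below, which is an added example and not code from the original page. It is an in-memory model loosely following the authorisation code grant; the client name, redirect URI, scopes and 300-second lifetime are constructed, and client authentication and refresh tokens are left out.

```python
import secrets
import time

# Constructed sample registration: one client, one redirect URI, one allowed scope.
CLIENTS = {"photo-printer": {"redirect_uri": "https://printer.example/cb",
                             "allowed_scopes": {"photos.read"}}}
TOKEN_TTL = 300  # seconds; access tokens are time-limited (assumed value)
_codes, _tokens = {}, {}


def authorize(client_id, redirect_uri, requested, user, approved):
    """Authorisation server: the user has authenticated and approved scopes."""
    client = CLIENTS[client_id]
    if redirect_uri != client["redirect_uri"]:
        raise PermissionError("redirect_uri not registered for client")
    # Grant only scopes that were requested, approved by the user,
    # and permitted for this client.
    granted = set(requested) & set(approved) & client["allowed_scopes"]
    code = secrets.token_urlsafe(16)
    _codes[code] = (client_id, redirect_uri, user, granted)
    return code  # returned to the application via the redirect


def exchange(code, client_id, redirect_uri, now=None):
    """Authorisation server: swap a one-time code for an access token."""
    entry = _codes.pop(code, None)  # pop makes the code single use
    if entry is None or entry[:2] != (client_id, redirect_uri):
        raise PermissionError("invalid or replayed authorisation code")
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    _tokens[token] = {"user": entry[2], "scopes": entry[3],
                      "exp": now + TOKEN_TTL}
    return token  # the application never sees the user's password


def access_resource(token, needed_scope, now=None):
    """Resource server: check the token exists, is unexpired, and is in scope."""
    now = time.time() if now is None else now
    meta = _tokens.get(token)
    if meta is None or now >= meta["exp"]:
        return "401 invalid_token"
    if needed_scope not in meta["scopes"]:
        return "403 insufficient_scope"
    return f"200 {needed_scope} for {meta['user']}"
```

A token obtained this way is useless for any scope the client was not granted and stops working once its lifetime ends, which bounds the exposure if it leaks.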