Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Open Authorization OAuth

Training Camp • Cybersecurity Glossary

What is Open Authorization OAuth?

The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner or on its own behalf.

Glossary > Identity & Access Management > Open Authorization OAuth

Understanding Open Authorization OAuth

The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf. OAuth is an open standard for access delegation that allows users to grant third-party applications limited access to their resources without sharing credentials. It uses tokens rather than passwords, enabling secure third-party integration for websites and applications. OAuth 2.0 is defined in RFC 6749 and related RFCs, and is referenced in security frameworks like NIST SP 800-63. Organizations implement OAuth through identity providers, authorization servers, client registration, scope definition, and token management. For example, a productivity application might implement OAuth to allow users to access their cloud storage files without requiring users to share their cloud storage credentials directly with the application, instead receiving limited-scope tokens that grant only the necessary permissions. Related terms: Authentication, Authorization, Federation, Single sign-on, Access token, Identity provider, OpenID Connect, JWT.

Learn More About Open Authorization OAuth:

Ready to Get Certified?

Open Authorization OAuth is one of the topics you'll master in the Security+ Boot Camp.

Security+ Boot Camp →