OAuth 2.0
An authorization framework that enables third-party applications to access a user's resources without exposing their credentials. OAuth 2.0 defines four grant types: Authorization Code, Implicit, Client Credentials, and Resource Owner Password. The protocol uses access tokens and refresh tokens to manage permissions. OAuth 2.0 is not an authentication protocol itself but is often combined with OpenID Connect for identity.
Giao thức liên quan
Được đề cập trong hướng dẫn
OAuth 2.0 Flows Explained: Authorization Code, Client Credentials, PKCE
Security & Authentication
API Keys vs OAuth vs JWT: Choosing the Right Auth Method
Security & Authentication
API Security Checklist: OWASP Top 10 for APIs
Security & Authentication
OAuth 2.0 PKCE for Public Clients: SPAs, Mobile, and CLI Apps
Security & Authentication
SMTP Authentication Methods Explained
Email Delivery
Migrating from SOAP to REST APIs
Migration & Upgrades
Tình huống liên quan
Được định nghĩa trong
Hướng dẫn quyết định
Xem thêm
Authentication
Security
JWT (JSON Web Token)
Security
API Key
Security
Bearer Token
Security
OAuth Authorization Code Flow
Authentication & OAuth
OAuth Client Credentials Flow
Authentication & OAuth
OAuth Implicit Flow (Legacy)
Authentication & OAuth
PKCE (Proof Key for Code Exchange)
Authentication & OAuth
OIDC (OpenID Connect)
Authentication & OAuth
Refresh Token
Authentication & OAuth
Token Introspection (RFC 7662)
Authentication & OAuth
OAuth Scopes
Authentication & OAuth
SAML (Security Assertion Markup Language)
Authentication & OAuth