Skip to content
loading...

re: Explain OAuth like I'm Five VIEW POST

FULL DISCUSSION
 

OAuth is all about delegating Authorization (choosing someone who can do Authorization for you). Note that Authentication and Authorization are different things. OAuth is Authorization (Access control), and if you want to implement Authentication (ID verification) also, OpenID protocol can be used on top of OAuth.

All big companies like Facebook, Google, Github,... use this kind of authorization nowadays. For example, I just signed in on this website using my Github account, this means dev.to doesn't know my password, dev.to receives the allowance from github.com where my password (hashed obviously) is saved.

code of conduct - report abuse