Skip to content

re: Explain OAuth like I'm Five VIEW POST


OAuth is all about delegating Authorization (choosing someone who can do Authorization for you). Note that Authentication and Authorization are different things. OAuth is Authorization (Access control), and if you want to implement Authentication (ID verification) also, OpenID protocol can be used on top of OAuth.

All big companies like Facebook, Google, Github,... use this kind of authorization nowadays. For example, I just signed in on this website using my Github account, this means doesn't know my password, receives the allowance from where my password (hashed obviously) is saved.

code of conduct - report abuse