You can be authorized , but not to have token e.g. you can be authorized to contain a bank account, but have no access to your deposit at ATM because you do not have your plastic chip card – hereinafter – token . But what if you do, what if bank authorized you with a token . Say the bank did it , you get at your nearest ATM, you insert your token into , the ATM does it job, connects your token through the chip over the network , but it asked for an authentication , yes your PIN is your way to authenticate oneself & only (hopefully only) you knows that PIN !
In the nutshell authorization is just a consent of the user in three parties contract composed of :
- a user,
- a service (service usually provide OAuth server specification to be implemented within client),
- a client asking user's consent to do some tasks with service on behalf of (consent of) the user .
Stay tune for more, see you in a bit !
Top comments (0)