
OAuth2

OAuth 2.0 (Open Authorization 2.0) is an authorization framework that lets a third-party application obtain limited access to a user's resources hosted on a resource server, without the user handing their credentials to that application. The user still authenticates, but only to the authorization server; the application receives a token, never the password. The term "resources" means any entity or data the user is entitled to use.

OAuth2 has a rich set of features that allow it to be used by a wide range of devices and applications.

NOTE: In OAuth2 terminology, the service requesting access to the user's resources is the client, and the service that holds those resources is the resource server. Access to what the resource server holds is controlled by access tokens, artifacts that "prove" that access was authorized. In practice these are usually bearer tokens: whoever presents one is granted the access it represents, so they must be kept confidential and sent only over TLS. OAuth2 also provides a mechanism called scope, which limits the permissions a token carries on the user's resources to the subset the client asked for and the user approved; the resource server must check the scope on every request, not just the token's validity. The resource server is so named to distinguish it from the authorization server, which authenticates the user and issues the tokens.

The OAuth 2.0 framework is an authorization framework, not an authentication protocol: it is meant to complement one (OpenID Connect, for example, builds an authentication layer on top of it), and it targets a more flexible and dynamic context, web and mobile applications from different vendors, than the enterprise federation scenarios that SAML mainly addresses.

It arose mainly from two needs of the web:

  • allowing web applications from different vendors to interact, with the user's authorization, using the user's own identity
  • allowing a mobile device to access a web application's data without the user having to re-enter their credentials each time

OAuth2 responds to these needs with a model of four roles (the resource owner, i.e. the user; the client application; the authorization server; the resource server) and a set of flows, called grant types, chosen to fit the specific use case:

  • Authorization Code: the client redirects the user to the authorization server and receives a short-lived, single-use code that it exchanges for an access token over a back channel; the recommended flow for web, mobile and native applications, today combined with PKCE
  • Implicit Grant: the access token is returned directly in the browser redirect; discouraged by the OAuth 2.0 Security Best Current Practice because the token is exposed in the URL and cannot be bound to the client
  • Client Credentials: the client authenticates as itself with no user involved; used for machine-to-machine access, such as a backend service calling an API on its own behalf (not for "public" APIs in the sense of unauthenticated ones)
  • Resource Owner Password Credentials: the client collects the user's username and password and sends them to the token endpoint; a legacy flow, discouraged because it defeats the purpose of not sharing credentials with the client