OAuth 2.0

Table of Contents

1 OAuth Transaction

1.1 Actors

  • Resource Owners: is the entity that has the authority to delegate access to the client. The resource owner

interacts with the authorization server using a web browser.

  • Client: is a piece of software that attempts to access the protected resource
  • Authorization Server
  • Protected resources

1.2 Components

1.2.1 Access Tokens

The authorization server's job is to issue the token, and the protected resource's job is to validate the token. As such, they both need to be able to understand the token itself and what it stands for. However, the client is completely oblivious to all of this. This approach allows the client to be much simpler than it would otherwise need to be.

1.2.2 Scopes

Scope is a representation of a set of rights at a protected resource. Scopes are represented by strings in the OAuth protocol, and they can be combined into a set by using a space-separated list. Scopes are defined by the protected resource.

1.2.3 Authorization Grants

The authorization grant is the method for getting a token. Several different kinds of authorization grants exist in OAuth. Like:

  • authorization code

1.3 Steps

  1. The Resource Owner indicates to the Client that they would like the Client to act on their behalf
  2. The Client requests authorization from the Resource Owner at the Authorization Server.
  3. The Resource Owner grants authorization to the Client.
  4. The Client receives a Token(Bearer) from the Authorization Server.
  5. The Client presents the Token(Bearer) to the Protected Resource.