OAuth is an authorization framework that allows third-party applications to access user resources on another service without requiring users to share their passwords. When you click 'Sign in with Google' on a website, OAuth is handling the authorization flow. The user approves access, Google provides a token, and the website uses that token to access authorized resources.
OAuth 2.0 is the current standard. It separates authentication from authorization through a series of redirects and token exchanges. The resource owner (user) authorizes a client application to access their resources on a resource server, mediated by an authorization server. Users can revoke access at any time without changing their password. The security model protects both users and applications.
Users never expose credentials to third parties. Applications never store passwords they must protect. The risk surface is the token itself: a stolen token can be used to impersonate the user until it expires or is revoked. OAuth is foundational to modern web architecture: nearly every login system, API integration, and third-party application uses it.
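The flow described above, as an added example that is not code from the original page: a toy in-memory authorization server and client in Python, showing the one-time code exchange, the client's `state` check, and a token that stops working once it expires or is revoked. All names (`AuthServer`, `run_flow`, `photo-app`, `photos.read`) are assumptions made for illustration; client authentication, redirect URI validation and PKCE are left out to keep the sketch short.

```python
import secrets
import time

class AuthServer:
    """Toy in-memory authorization server (constructed for illustration)."""
    def __init__(self, token_ttl=3600):
        self.codes = {}    # one-time authorization code -> (client_id, user, scope)
        self.tokens = {}   # access token -> {"user", "scope", "exp"}
        self.token_ttl = token_ttl

    def authorize(self, user, client_id, scope, state):
        # The user approves access here, at the authorization server.
        # The client only receives the code and its own state value back.
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, user, scope)
        return {"code": code, "state": state}

    def exchange(self, code, client_id):
        # Codes are single use: pop() makes a replayed code fail.
        entry = self.codes.pop(code, None)
        if entry is None or entry[0] != client_id:
            raise PermissionError("invalid or replayed authorization code")
        token = secrets.token_urlsafe(32)
        self.tokens[token] = {"user": entry[1], "scope": entry[2],
                              "exp": time.time() + self.token_ttl}
        return token

    def revoke(self, token):
        # User withdraws access; their password is untouched.
        self.tokens.pop(token, None)

    def introspect(self, token, now=None):
        # A resource server calls this to decide whether a token is still valid.
        info = self.tokens.get(token)
        now = time.time() if now is None else now
        return info if info and now < info["exp"] else None


def run_flow(server, user="alice", client_id="photo-app", scope="photos.read"):
    """Client side: send a random state, verify it on return, swap code for token."""
    state = secrets.token_urlsafe(16)
    callback = server.authorize(user, client_id, scope, state)
    if not secrets.compare_digest(callback["state"], state):
        raise PermissionError("state mismatch: callback does not match our request")
    return callback["code"], server.exchange(callback["code"], client_id)
```
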
[Interactive visualizer: OAuth 2.0 Authorization Flow. Shows how OAuth allows secure third-party access without sharing passwords. Participants: User (wants to sign in), Client App (third-party website), Auth Server (Google OAuth). First step: the user clicks 'Sign in with Google', which initiates the OAuth flow.]