OAuth 2.0 - Architecture
In this chapter, we will discuss the architectural style of OAuth 2.0.
Step 1 − First, the user accesses resources using the client application such as Google, Facebook, Twitter, etc.
Step 2 − Next, the client application will be provided with the client id and client password while registering the redirect URI (Uniform Resource Identifier).
Step 3 − The user logs in using the authenticating application. The client ID and client password are unique to the client application on the authorization server.
Step 4 − The authenticating server redirects the user to a redirect Uniform Resource Identifier (URI) using an authorization code.
Step 5 − The user accesses the page located at the redirect URI in the client application.
Step 6 − The client application will be provided with the authentication code, client id and client password, and sends them to the authorization server.
Step 7 − The authenticating application returns an access token to the client application.
Step 8 − Once the client application gets an access token, the user starts accessing the resources of the resource owner using the client application.
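The steps above, seen from the authorization server's side, as an added example that is not code from the original tutorial. It shows the checks that keep the code exchange safe: exact redirect URI matching, a single-use and short-lived code, and constant-time comparison of the client password. The class `AuthorizationServer`, its method names and the 60-second code lifetime are assumptions made for illustration.

```python
import hmac, secrets, time

class AuthorizationServer:
    """Toy in-memory authorization server (hypothetical, for illustration)."""
    CODE_TTL = 60  # seconds an authorization code stays valid (assumed value)

    def __init__(self):
        self.clients = {}  # client_id -> (client_password, redirect_uri)
        self.codes = {}    # code -> (client_id, redirect_uri, user, expiry)
        self.tokens = {}   # access_token -> user

    def register(self, redirect_uri):
        # Step 2: the client gets its id and password when registering the redirect URI.
        client_id, password = secrets.token_hex(8), secrets.token_urlsafe(32)
        self.clients[client_id] = (password, redirect_uri)
        return client_id, password

    def authorize(self, client_id, redirect_uri, user, now=None):
        # Steps 3-4: after login, redirect only to the exact registered URI.
        registered = self.clients.get(client_id)
        if registered is None or registered[1] != redirect_uri:
            raise PermissionError("unknown client or redirect URI mismatch")
        code = secrets.token_urlsafe(32)
        expiry = (time.time() if now is None else now) + self.CODE_TTL
        self.codes[code] = (client_id, redirect_uri, user, expiry)
        return f"{redirect_uri}?code={code}"

    def token(self, code, client_id, password, redirect_uri, now=None):
        # Steps 6-7: pop() makes the code single-use, even if a later check fails.
        grant = self.codes.pop(code, None)
        registered = self.clients.get(client_id)
        now = time.time() if now is None else now
        if grant is None or registered is None:
            raise PermissionError("invalid code or client")
        if not hmac.compare_digest(registered[0], password):
            raise PermissionError("bad client password")
        if grant[:2] != (client_id, redirect_uri) or now > grant[3]:
            raise PermissionError("code not issued to this client/URI, or expired")
        access_token = secrets.token_urlsafe(32)
        self.tokens[access_token] = grant[2]
        return access_token

    def resource(self, access_token):
        # Step 8: a protected resource is served only for a known access token.
        user = self.tokens.get(access_token)
        if user is None:
            raise PermissionError("invalid access token")
        return f"profile of {user}"
```

Calling `register`, `authorize`, `token` and `resource` in that order walks through Steps 2 to 8; replaying a code, or presenting it with a different redirect URI or client password, raises `PermissionError`.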
OAuth 2.0 has various concepts, which are briefly explained in the following table.
Sr.No. | Concept & Description |
---|---|
1 | OAuth provides some additional terms to understand the concepts of authorization. |
2 | Web server delivers the web pages and uses HTTP to serve the files that form the web pages to the users. |
3 | The user agent application is used by client applications in the user's device, which acts as the scripting language instance. |
4 | Native application can be used as an instance of desktop or mobile phone application, which uses the resource owner password credentials. |