OAuth 2.0

What Does OAuth 2.0 Mean?

OAuth 2.0 is the successor to OAuth, an open authentication tool that allows users to share private resources without giving external parties or programs access to all of their identification data. OAuth 2.0 represents a revision of the original OAuth created in 2006 and contrasts with other similar authentication tools.


Techopedia Explains OAuth 2.0

OAuth works by using authentication tokens, which act as pointers to a resource and provide parameters for sharing, such as a limited time window. This way, the user can give third parties access to certain features and functions in a program without giving access to everything stored therein, including personal data. This is similar to an authenticator called OpenID, but the two protocols are somewhat different. Whereas OAuth authorizes third parties to use some of a user’s protected resources, OpenID is more focused on authorizing access to their identity.

One example that is often used to explain OAuth 2.0 and related versions is that the authenticator uses a string as a valet key for access to a particular item. The criticism here is that just like a key, a hacker could obtain the token and gain unauthorized access. Although current development of OAuth 2.0 promote widespread use through compatibility with Facebook and other platforms, some critics are concerned that this protocol could be a liability for overall network security depending on implementation.


Related Terms

Latest Cybersecurity Terms

Related Reading

Margaret Rouse

Margaret Rouse is an award-winning technical writer and teacher known for her ability to explain complex technical subjects to a non-technical, business audience. Over the past twenty years her explanations have appeared on TechTarget websites and she's been cited as an authority in articles by the New York Times, Time Magazine, USA Today, ZDNet, PC Magazine and Discovery Magazine.Margaret's idea of a fun day is helping IT and business professionals learn to speak each other’s highly specialized languages. If you have a suggestion for a new definition or how to improve a technical explanation, please email Margaret or contact her…