
Security Intermediate

What is OAuth 2.0?

An authorization framework that allows third-party applications to access user resources without sharing passwords.

OAuth 2.0 enables delegated authorization. Instead of sharing credentials, users authorize applications to access specific resources. The framework defines roles: resource owner (user), client (app), authorization server, and resource server.

Grant types include Authorization Code (web apps), Client Credentials (service-to-service), and Device Code (smart TVs). OAuth 2.0 is used by Google, Facebook, GitHub, and most major platforms for third-party access.

Related Terms

Supply Chain Attack
A cyberattack that targets less-secure elements in the software supply chain to compromise downstream users and organizations.
Rate Limiting
A technique that controls the number of requests a client can make to a server within a specified time period.
Security Headers
HTTP response headers that instruct browsers to enable security features like XSS protection, framing prevention, and content type enforcement.
OWASP Top 10
A regularly updated list of the ten most critical web application security risks, published by the Open Web Application Security Project.
CORS (Cross-Origin Resource Sharing)
A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.
Two-Factor Authentication (2FA)
A security method requiring two different forms of identification before granting access to an account.