OAuth is an open protocol to allow secure
API authorization for web applications, desktop applications,
mobile phones, and other devices.
When OAuth is implemented for an API, it provides benefits for potentially three types of users involved:
- API Owners - Allows web application and API owners publish data in a standardized and protected way.
- Web Application Users - Allow users of web applications to open access to their data and resources in a secure way.
- Developers - Provides developers with a standard method for building applications that integrate with APIs.
Virtually any application resource can be shared via an API, including photos, product, location or user information. OAuth can issue access tokens for each individual resource area. OAuth tokens can be unique per developer and for each API service they access, and provide granular security for all API services areas.
OAuth 2.0 is the current implementation and is not backward compatible with OAuth 1.0. OAuth is widely considered the industry standard for API Authentication.
