We specialize in Products, Application and Infrastructure security assessments and deep technical security training.
OAuth Security Overview
by Chirag Solanki
In OAuth, “Auth” stands for Authorization as well as Authentication. Before OAuth, there were other authentication methods used to protect the user’s ID and password from other applications. When user accesses a secured web application it first verifies your identity by login us in and then it ensures that users have access only to data or functionality in the application which are authorized. So basic requirements are identity and permission for authentication and authorization. OAuth allowed an application to gain access to users data within another application without knowing the user login ID and password for the second application. When authentication by OAuth is performed, the service provider asks whether a user wants to authorize the request of the third-party application or it has their own authentication. OAuth History