🔑
OAuth 2.0
Authentication
Definition
OAuth 2.0 is an authorization framework where a client obtains an access token (and sometimes a refresh token) to call APIs on a user’s behalf. Tokens are scoped and time-limited, and can be revoked.
In plain English
Authorization framework that issues scoped access tokens to clients instead of sharing user credentials.
Why this matters
Correct OAuth design reduces credential theft risk and supports least-privilege access; misconfiguration can still enable token abuse.
Example
A client uses the authorization code flow with PKCE to receive a short-lived access token scoped to “read:calendar”.