OAuth explained | OAuth 2.0

🔥More exclusive content: Twitter: Website: Blog: 00:00 What is OAuth and what problem does it solve? 01:07 OAuth authorization servers 02:09 OAuth scopes 03:13 OAuth grant types 04:05 OAuth for service accounts (two legged OAuth) 06:06 Two-legged OAuth 07:00 OAuth is an authorization framework In this video we explain the concepts behind OAuth (Open Authorization) which allows third party applications to get limited access to APIs either on behalf of a person or on behalf of itself. We cover why OAuth exists and how OAuth makes sure that username and passwords do not need to be shared with third party applications. With OAuth you can request access tokens from an authorization server so that you can access an API (resource server) on behalf of the resource owner. To obtain the token, you need to log in at the authorization server. There are several ways in which a third party application can obtain an access token - the so called grant types. A grant type is a way with which a third party application can get access tokens. OAuth provides a variety of grant types such as authorization code flow, device code flow, client credentials flow and password flow. The implicit flow and the password grant are no longer recommended by the OAuth working group