SSO, Standard

چیست؟ OAuth 2.0

Posted on by SSO Plus
OAuth 2 چیست/ sso چیست / SSO پلاس
10
مارس

OAuth 2.0 (Open Authorization 2.0) is an open standard for access delegation and authorization. It is commonly used to enable secure third-party access to resources without exposing user credentials. OAuth 2.0 is widely used for authentication and authorization in various web and mobile applications. Here are some key concepts and components of OAuth 2.0:

  1. Roles:

    • Resource Owner: The entity that owns the resource (e.g., the user).
    • Client: The application that is requesting access to the resource on behalf of the resource owner.
    • Authorization Server: The server that authenticates the resource owner and issues access tokens after obtaining authorization.
    • Resource Server: The server hosting the protected resources that the client wants to access.

  2. Authorization Grant Types:

    • Authorization Code: Used by confidential clients (e.g., web applications) to obtain an authorization code, which is then exchanged for an access token.
    • Implicit: Used by public clients (e.g., mobile or JavaScript apps) to obtain an access token directly.
    • Resource Owner Password Credentials: In cases where the client is trusted with the user’s credentials, it can directly exchange the username and password for an access token.
    • Client Credentials: Used for server-to-server communication where the client is the owner of the resource.

  3. Access Tokens:

    • Access tokens are credentials used to access protected resources on behalf of the resource owner.
    • They can be short-lived and are used to authenticate requests to the resource server.

  4. Authorization Server:

    • The authorization server is responsible for authenticating the resource owner, obtaining authorization, and issuing access tokens to the client.

  5. Scopes:

    • Scopes define the specific permissions or access levels requested by the client. They allow the resource owner to control what actions the client can perform on their behalf.

  6. Redirect URI:

    • During the authorization process, the client specifies a redirect URI where the authorization server sends the user after authentication.

  7. Bearer Tokens:

    • Access tokens in OAuth 2.0 are often bearer tokens, meaning that possession of the token is sufficient to access the protected resources. This emphasizes the importance of securing the token.

OAuth 2.0 is widely used for integrating authentication and authorization into various applications and services, especially in scenarios where third-party access is required. It provides a flexible framework that can be adapted for different use cases, making it a popular choice for securing APIs and enabling Single Sign-On (SSO) capabilities.

SSO Plus

دیدگاهتان را بنویسید

نشانی ایمیل شما منتشر نخواهد شد. بخش‌های موردنیاز علامت‌گذاری شده‌اند *