Introduction to the Course

Get an overview of OAuth 2.0, and learn about the prerequisites and intended audience of this course.

We'll cover the following

Prior to OAuth, the traditional way to enable a third-party application to gain access to an account was by providing the user credentials to it. This approach resulted in a number of issues. First, it provided the application with complete access to the user’s account, leaving it exposed to potential malicious activity. Second, since the applications would store user passwords when logging in to a service, the user would need to change the password later to revoke the access.

OAuth is useful for preventing these problems from occurring in the first place. It enables applications such as Google, Facebook, and GitHub to obtain limited access to user accounts on an HTTP service. It delegates user authorization to the service that hosts a user account and allows third-party applications to access only that user account.

Open Authorization, also known as OAuth 2.0, is an authorization protocol that provides consented access to websites and applications on one host to obtain resources from another host. These resources are accessed on behalf of the user without any disclosure of the user’s credentials, especially their passwords. Moreover, it offers limited access with user consent, thereby restricting the client application’s actions on the resources.

OAuth 2.0 is the successor to OAuth 1.0, and it provides authorization flows for web, desktop, and mobile applications. It’s the most prevalent authorization protocol for online applications in the industry right now. Its specifications and extensions are developed within the IETF OAuth working group.

Who is this course for?

This course is designed for developers who’re interested in exploring OAuth 2.0. It provides learners a basic understanding of OAuth 2.0 with the help of hands-on examples.

Prerequisites

In order to take this course, you should have a basic understanding of the authorization and the authentication process of a basic client-server application model. Moreover, you should also have some experience with web development and an understanding of various web architectures.