Introduction to the Course
Get an overview of OAuth 2.0, and learn about the prerequisites and intended audience of this course.
We'll cover the following
Prior to OAuth, the traditional method of granting a third-party application access to a resource hosted by another server was to provide it with user credentials. This approach resulted in a number of issues. First, it provided the application with complete access to the user’s account, leaving it exposed to potential malicious activity. Second, since the applications would store user passwords when logging in to a service, the user would need to change the password later to revoke access.
OAuth is useful in preventing these problems in the first place. It enables resource hosting services, such as Google, Facebook, and GitHub, to provide limited access to the resource owner's resources without disclosing the resource owner's credentials.
OAuth 2.0, also known as Open Authorization 2.0, is an authorization protocol that grants applications consented and fine-grained access to resources on another host. These resources are accessed on behalf of the user without any disclosure of the user’s credentials, especially their passwords. Moreover, this access is limited, thereby restricting the client application’s actions on the resources.
We'll learn about OAuth in depth in this course. After grasping the concepts of OAuth, we'll use the OAuth APIs of Google and Facebook to gain hands-on experience with utilizing OAuth in third-party applications.
What is an API?
An API is a software gateway that allows different software components to communicate with each other. It helps expose the capabilities of an application to the outer world, allowing for programmatic access to the application’s data.
Consider the case of a service that hosts accounts of its users. Building and exposing APIs that provide us limited access to the account resources allows us to programmatically use these resources in our applications.
This course is designed for developers who are interested in exploring OAuth 2.0. It provides learners with a basic understanding of OAuth 2.0 with the help of hands-on examples.
To take this course, you should have a basic understanding of the authorization and authentication process of a basic client-server application model. Moreover, some experience with web development is also preferred.