With the rise of social media networks, a new security issue has been discovered. Companies built widely-used websites, but also APIs to build our applications. Waves of third-party applications emerged. Social media networks were excited.

More applications involved more views and clicks on their site.

People had to enter their credentials into third-party applications to access the social media networks.

That started to annoy users. If they altered their credentials on the site itself, they had to update their applications as well. That wasn’t the end of it, though. Everyone was compromised if any third-party system (or the site itself) was hacked. Shared credentials have always been problematic. Building an enterprise on top of direct usage was not feasible.

And so arose the concept of OAuth.

OAuth is an open protocol that provides secure delegated access. In practical terms, it allows a third-party application to access the social media network, but it doesn’t store the user’s credentials. Instead, it launches a login page on the social media site itself. The user enters their credentials directly, and a secure token is handed back to the application.

Get hands-on with 1200+ tech skills courses.