This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
OAuth 2.0 Authorization
OAuth 2.0 Authorization

Version management

Difference between version and

At line 1 added 19 lines
!!! Overview
[OAuth 2.0] is about [Delegation] not [Authorization]
[OAuth 2.0] is __NOT__ an [Authentication] protocol. (But you could build one on top of [OAuth 2.0] as is done with [OpenID Connect])
[OAuth 2.0] is __NOT__ an [Authorization] protocol.
[OAuth 2.0] is often called an [authorization] protocol, even the [RFC 6749] is called "The OAuth 2.0 Authorization Framework". However, [{$pagename}] is a [delegation] protocol.
What is delegated is a subset of the a [Resource Owner] (user)’s [authorization]. [OAuth 2.0] does __NOT__ even perform the [Authorization] but rather provides a protocol (via [Authorization Request]) where a [OAuth Client] can request that a user [delegate|delegation] some of their authority. The [Resource Owner] (user) can then approve, or deny, the request, and the [OAuth Client] can then act on it with the results of that approval.
[{$pagename}] provides for the [Delegation] of [Authorization]
* By the [Resource Owner]
* to the [OAuth Client]
* for [Resource Server]
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop