!!! Overview
[OAuth 2.0] is about [Delegation] not [Authorization]

[OAuth 2.0] is __NOT__ an [Authentication] protocol. (But you could build one on top of [OAuth 2.0] as is done with [OpenID Connect])

[OAuth 2.0] is __NOT__ an [Authorization] protocol.

[OAuth 2.0] is often called an [authorization] protocol, even the [RFC 6749] is called "The OAuth 2.0 Authorization Framework". However, [{$pagename}] is a [delegation] protocol. 

What is delegated is a subset of the a [Resource Owner] (user)’s [authorization].  [OAuth 2.0] does __NOT__ even perform the [Authorization] but rather provides a protocol (via [Authorization Request]) where a [OAuth Client] can request that a user [delegate|delegation] some of their authority. The [Resource Owner] (user) can then approve, or deny, the request, and the [OAuth Client] can then act on it with the results of that approval.

[{$pagename}] provides for the [Delegation] of [Authorization] 
* By the [Resource Owner] 
* to the [OAuth Client]
* for [Resource Server]

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]