!!! Overview
When working with [OAuth 2.0] protocols you might wonder [{$pagename}]?

When resources are protected with [OAuth 2.0], users can use their [credentials] with an [OAuth 2.0]-compliant [Identity Provider (IDP)], such as [OpenAM], Facebook, Google and others to access the resources, rather than setting up __yet an account__ with third-party application.

[Access Tokens] are the [credentials] used to access [Protected Resources]. An [Access Token] is just a string that represents the [authorization] to access [Protected Resources] given by the [Authorization Server]. An [Access Token], like cash, is a [bearer Token]. Which implies means that anyone who has the [Access Token] can use it to get the [Protected Resources]. 

Access tokens therefore must be protected, so requests involving them must go over [HTTPS]. 

One of the key advantages of [Access Tokens] over passwords or many other [credentials] is that [Access Tokens] can be granted and revoked without exposing the [user's|Resource Owner] [credentials].

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]