OAuth

Overview

Direct Answer

OAuth is an open standard protocol that enables secure delegation of user authentication and authorisation without sharing passwords. It allows users to grant third-party applications access to their resources on other platforms through the use of access tokens rather than credentials.

How It Works

The protocol operates through a token exchange mechanism where a user redirects to an authorisation server, authenticates, and approves access scopes for a requesting application. The server issues time-limited access tokens that the third-party application uses to interact with protected resources on behalf of the user, without ever handling the user's password.

Why It Matters

OAuth reduces security risk by eliminating password sharing, strengthens compliance with data protection regulations through granular permission controls, and accelerates user onboarding by enabling single sign-on across multiple services. Organisations benefit from reduced support costs and improved user experience when managing federated identity systems.

Common Applications

OAuth is widely deployed in social login implementations, enterprise identity management systems, mobile application authentication, and API authorisation frameworks. Real-world instances include user account integration with third-party applications, cross-platform service authorisation, and cloud resource access management.

Key Considerations

Organisations must carefully scope permissions to minimise exposure if tokens are compromised, and manage token lifecycle through refresh mechanisms to balance security with usability. Implementation complexity varies significantly across different OAuth flows, requiring selection appropriate to the application architecture and threat model.

Cross-References(1)

Blockchain & DLT

Token

Related in Strategy & Economics

Multi-Cloud

A strategy using services from multiple cloud providers to avoid vendor lock-in and optimise capabilities.

Hybrid Cloud

An IT architecture combining on-premises infrastructure with public and private cloud services.

Cloud Security

The set of policies, technologies, and controls deployed to protect cloud-based systems, data, and infrastructure.

Identity and Access Management

A framework for managing digital identities and controlling user access to resources and systems.

Single Sign-On

An authentication scheme allowing users to log in once and gain access to multiple related systems.

Cloud Database

A database service built, deployed, and accessed through a cloud platform, offering scalability and managed operations.

Reserved Instance

A cloud pricing model where users commit to a specific resource configuration for a term in exchange for discounted rates.

Cloud Governance

The policies, procedures, and tools for managing cloud resource usage, security, compliance, and costs.

Multi-Tenancy

A software architecture where a single instance serves multiple customers, with each tenant's data isolated and invisible to others.

Cloud Bursting

A configuration where an application runs in a private cloud and bursts into a public cloud when demand spikes.

Cloud-Native Database

A database designed from the ground up to operate in cloud environments with automatic scaling and high availability.

Serverless Database

A database service that automatically provisions, scales, and manages infrastructure on demand without manual server management.

More in Cloud Computing

Managed Service

Service Models

A cloud service where the provider handles infrastructure management, maintenance, updates, and monitoring.

Message Queue

Architecture Patterns

A communication method where messages are stored in a queue until the receiving application can process them.

Internal Developer Portal

Deployment & Operations

A centralised web interface that provides developers with self-service access to infrastructure, services, documentation, and templates within their organisation.

Function as a Service

Service Models

A serverless cloud computing model where individual functions are executed in response to events.

Software as a Service

Service Models

Cloud computing model that delivers software applications over the internet on a subscription basis.

gRPC

Architecture Patterns

A high-performance remote procedure call framework developed by Google using Protocol Buffers for serialisation.

Cloud Cost Optimisation

Service Models

Strategies and practices for minimising cloud computing expenses while maintaining performance and functionality.

Kubernetes

Infrastructure

An open-source container orchestration platform for automating deployment, scaling, and management of containerised applications.

Overview

Direct Answer

How It Works

Why It Matters

Common Applications

Key Considerations

Cross-References(1)

Related in Strategy & Economics

Multi-Cloud

Hybrid Cloud

Cloud Security

Identity and Access Management

Single Sign-On

Cloud Database

Reserved Instance

Cloud Governance

Multi-Tenancy

Cloud Bursting

Cloud-Native Database

Serverless Database

More in Cloud Computing

Managed Service

Message Queue

Internal Developer Portal

Function as a Service

Software as a Service

gRPC

Cloud Cost Optimisation

Kubernetes

See Also

Token