Glossary

ProgrammableWeb's glossary of API and other technology terms and defination
A B C D E F G H I J K L M N O P Q R S T U V W X
OAuth

OAuth is a standard, open authorization protocol that helps secure web applications. OAuth improves API security and is a more advanced security option compared to Basic HTTP Basic Authentication or API keys. There are many different OAuth authorization flows designed for different web development scenarios. A basic OAuth flow involves a server, client, an OAuth server, which exchange public and private tokens. Paired with other open-source solutions like OpenID Connect, OAuth can be utilized to delegate users' identities throughout a platform. Exchanging signed JSON Web Tokens (JWTs) within OAuth flows is a way to pass user assertions securely. Thus, building OAuth into microservices can help delete identity and authorization to improve overall security. IETF standardizes OAuth 2.0.