OAuth Overview

Justin James



What is OAuth 2.0?

An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.

OAuth 2.0 Roles

Resource Owner: the person/app that holds the data to be shared

Resource Server: the application that holds the resources

Authorization Server: the app that verifies the identity of the users

Client: app that makes the request to the RS on behalf of the RO

I want to see projects

Hey Back&, could you please give me a list of projects?

This is a protected resource.  You will need to present me an access token

Hey Github, can I get an access token please? 

Back& is asking

Sure, just need to ask a few details to the user first

Could you please provide me your credentials?  I need to verify your identity

No problem.  I am justin@ionic-az.org and my password is ****

The user is who he claims to be.  Here is your access token: 

Hi Back&, this is my token

Hi, I have been given

Could you please tell me who it belongs to?

Sure.  The token is still valid and belongs to justin@ionic-az.org

Here is your list of projects

Here is your list of projects

OAuth is a delegation protocol, as in the


has no idea about the credentials of the Resource Owner
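The exchange in the slides above, as an added example that is not part of the original deck: an in-memory Authorization Server (the Github role) checks the password and issues a token with the same `access_token`, `token_type` and `expires_in` fields as the deck's example token response, and a Resource Server (the Back& role) only ever sees the token and asks whom it belongs to. Class and method names, the user store and the `active`/`username` introspection reply are assumptions made for this sketch.

```python
import hashlib, hmac, secrets, time

# Added illustration; all names are hypothetical and nothing here is a real provider API.
class AuthorizationServer:
    """Verifies the Resource Owner's identity, then issues and introspects tokens."""
    def __init__(self, clock=time.time):
        self._clock, self._users, self._tokens = clock, {}, {}

    def register(self, username, password):
        salt = secrets.token_bytes(16)
        self._users[username] = (salt, self._hash(password, salt))

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def issue_token(self, username, password, ttl=3600):
        # Unknown users get a dummy salt so the same hashing work is always done.
        salt, stored = self._users.get(username, (b"\0" * 16, b""))
        if not hmac.compare_digest(self._hash(password, salt), stored):
            raise PermissionError("invalid credentials")
        token = secrets.token_urlsafe(16)
        self._tokens[token] = (username, self._clock() + ttl)
        return {"access_token": token, "token_type": "Bearer", "expires_in": ttl}

    def introspect(self, token):
        username, expires_at = self._tokens.get(token, (None, 0))
        if username is None or self._clock() >= expires_at:
            return {"active": False}
        return {"active": True, "username": username}

class ResourceServer:
    """Holds the projects; receives tokens only, never the owner's password."""
    def __init__(self, auth_server, projects):
        self._as, self._projects = auth_server, projects

    def list_projects(self, authorization_header):
        scheme, _, token = (authorization_header or "").partition(" ")
        if scheme.lower() != "bearer" or not token:
            raise PermissionError("access token required")
        info = self._as.introspect(token)   # "who does this token belong to?"
        if not info["active"]:
            raise PermissionError("token invalid or expired")
        return self._projects.get(info["username"], [])

if __name__ == "__main__":
    github = AuthorizationServer()
    github.register("justin@ionic-az.org", "constructed-password")  # constructed sample
    backand = ResourceServer(github, {"justin@ionic-az.org": ["project-a", "project-b"]})
    grant = github.issue_token("justin@ionic-az.org", "constructed-password")
    print(backand.list_projects("Bearer " + grant["access_token"]))
```
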

Example Token Response

{
  "access_token": "RsT5OjbzRn430zqMLgV3Ia",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "e1qoXg7Ik2RRua48lXIV"
}

Thank you

I'm Justin.


@digitaldrummerj - digitaldrummerj@gmail.com

