OAuth
An authorisation framework that lets users grant limited access to their accounts on one service to another service, without sharing passwords.
In-Depth Explanation
OAuth is an open standard for access delegation. It lets users authorise applications to act on their behalf without sharing credentials - the foundation of "Login with Google" and API integrations.
OAuth 2.0 flows:
- Authorization Code: Server-side apps (most secure)
- Client Credentials: Machine-to-machine
- Implicit: Browser-based apps (deprecated)
- Device Code: Smart TVs, CLI tools
- PKCE: Mobile/SPA apps (recommended)
Key OAuth concepts:
- Resource Owner: The user
- Client: Application requesting access
- Authorization Server: Issues tokens
- Resource Server: Holds protected resources
- Access Token: Grants access to resources
- Refresh Token: Gets new access tokens
OAuth vs OpenID Connect:
- OAuth: Authorisation (access to resources)
- OIDC: Authentication (who is the user)
Business Context
OAuth enables secure integrations without password sharing. It's how your apps connect to Google, Salesforce, and other platforms securely.
How Clever Ops Uses This
We implement OAuth integrations for Australian businesses, enabling secure access to third-party services without credential sharing.
Example Use Case
"Connecting your CRM to LinkedIn for lead enrichment - OAuth lets users authorise access to their LinkedIn data without giving your CRM their password."