The OAuth 2.0 protocol is a very popular way to authenticate a user, even though the protocol was initially designed to be used as a way to authorize third-party services to access the user's data. In a nutshell, the OAuth 2.0 protocol involves four parties:
- Resource owner: A person who owns the data in the resource server. For instance, I'm the owner of my data on Twitter.
- Resource server: The server that stores the data the client wants to access. For example, the Twitter API server is a resource server.
- Authorization server: The server that will perform the authorization of the data access requested from the clients. Usually, the resource server and the authorization server are the same one.
- Client: The application that wants ...