11 OAuth 2

This chapter covers

  • Registering an OAuth client
  • Requesting authorization to protected resources
  • Granting authorization without exposing authentication credentials
  • Accessing protected resources

OAuth 2 is an industry-standard authorization protocol defined by the IETF. This protocol, which I refer to as just OAuth, enables users to authorize third-party access to protected resources. Most importantly, it allows users to do this without exposing their authentication credentials to third parties. In this chapter, I explain the OAuth protocol, walking through it with Alice, Bob, and Charlie. Eve and Mallory both make an appearance as well. I also show you how to implement this protocol with two great tools, Django OAuth Toolkit and
