September 2019
Intermediate to advanced
668 pages
15h 59m
English
Content preview from Hands-On Microservices with Spring Boot and Spring Cloud
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Introduction to OAuth 2.0
OAuth 2.0 is a widely accepted open standard for authorization that enables a user to give consent for a third-party client application to access protected resources in the name of the user.
So, what does this mean?
Let's start with sorting out the concepts used:
- Resource owner: The end user.
- Client: The third-party client application, for example, a web app or a native mobile app, that wants to call some protected APIs in the name of the end user.
- Resource server: The server that exposes the APIs that we want to protect.
- Authorization server: The authorization server issues tokens to the client after the resource owner, that is, the end user, has been authenticated. The management of user information and the authentication ...