OAuth is an open protocol that simplifies and standardizes secure authorization on web, mobile, and desktop applications. It allows users to create accounts on websites without having to create a username or password. It’s commonly seen on websites as the Sign in with platform button like the one shown in Figure 17-1, where the platform is Facebook, Google, LinkedIn, Twitter, or so on.


Figure 17-1: Example OAuth Sign in with Google button

OAuth vulnerabilities are a type of application configuration vulnerability, meaning ...

Get Real-World Bug Hunting now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.