What is OAuth 2.0?
OAuth 2.0 is an authorization framework that enables an application (client) to obtain limited access to an HTTP service (resource server) on behalf of a resource owner. It's crucial to understand that OAuth is not an authentication protocol; it's about authorization – granting permissions, not verifying identity. Think of it as a valet key for your car: you give the valet a key that only allows them to drive and park, not open the trunk or glove compartment. This delegated access avoids the insecure practice of sharing the user's primary credentials (username and password) directly with the client application.
