oauth tutorial - OAuth Roles - oauth2 tutorial - oauth authentication




What are Roles in OAuth 2.0?

OAuth 2.0 defines four roles for users and applications:

    • Resource Owner
    • Resource Server
    • Client Application
    • Authorization Server
  • The resource owner is the person or application that owns the data to be shared.
  • A user on Facebook or Google is a resource owner, and the resource they own is their data.
  • The resource owner is shown in the diagram as a person, which is the most common situation for OAuth 2.0.
  • The resource owner could also be an application. The OAuth 2.0 specification mentions both possibilities.
  • The resource server is the server which hosts the resources.
  • The client application is the application that requests access to the resources stored on the resource server.
  • The resources the client accesses are owned by the resource owner.
  • An example of a client application is a game requesting access to a user’s Facebook account.
  • The authorization server is the server that authorizes the client app to access the resources of the resource owner.
  • The authorization server and the resource server can be the same server.
  • The OAuth 2.0 specification does not say anything about how these two servers should communicate, if they are separate.
  • This is an internal design decision made by the resource server + authorization server developers.
  • The diagram below shows the roles defined in OAuth 2.0, followed by a description of each.
[Figure: OAuth 2.0 Roles]

Description of the diagram

Resource Owner

  • This entity can grant access to a protected resource or a service.
  • The resource owner is a person (like an end user), an application that owns the service, or a security policy.
  • The resource owner is depicted in the illustration that follows as a person, which is probably the most common situation.

Resource Server

  • This is the server hosting the protected resource or service.
  • The resource server can accept and respond to protected resource requests.
  • The resource server represents an application hosting cloud services.

Client Application

  • This is an application that can make protected resource requests on behalf of the resource owner.
  • The client application is the application requesting access to the resources stored on the resource server.
  • The client application also obtains authorization from the resource owner.
  • The client application is also referred to as OAuth client.
  • In the Oracle Cloud, an OAuth client represents an application while making a REST API call.
  • Examples of OAuth clients are the Oracle Mobile Cloud Service and the Oracle Java Cloud Service-SaaS Extension.

Authorization Server

  • This server issues access tokens to the client after successfully authenticating the resource owner and obtaining authorization.
  • In Oracle Cloud, the OAuth service takes on the role of the authorization server.
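
The interaction between the four roles described above, as an added example that is not part of the original tutorial: a minimal in-memory model in Python that collapses a real grant's redirect steps into one call. The class and method names, the sample user `alice`, the client id `game-app`, and the choice to have the resource server validate tokens by calling the authorization server in-process are assumptions made for illustration, since the specification leaves that communication to the implementers.

```python
import secrets
import time

class AuthorizationServer:
    """Issues access tokens once the resource owner is authenticated and consents."""
    def __init__(self, owner_passwords):
        self._passwords = owner_passwords  # constructed sample credentials
        self._tokens = {}                  # token -> grant record

    def issue_token(self, client_id, owner, password, scope, approved, ttl=300):
        # The owner gives the password to this server directly, never to the client.
        stored = self._passwords.get(owner)
        if stored is None or not secrets.compare_digest(stored.encode(), password.encode()):
            raise PermissionError("resource owner authentication failed")
        if not approved:
            raise PermissionError("resource owner denied the request")
        token = secrets.token_urlsafe(32)
        self._tokens[token] = {"client": client_id, "owner": owner,
                               "scope": set(scope), "exp": time.time() + ttl}
        return token

    def introspect(self, token):
        # Called by the resource server: returns the grant, or None if unusable.
        grant = self._tokens.get(token)
        if grant is None or grant["exp"] <= time.time():
            return None
        return grant

class ResourceServer:
    """Hosts owners' data; serves it only for a valid, sufficiently scoped token."""
    def __init__(self, auth_server, data):
        self._auth = auth_server
        self._data = data                  # owner -> {scope: resource}

    def get(self, token, scope):
        grant = self._auth.introspect(token)
        if grant is None:
            raise PermissionError("invalid or expired token")
        if scope not in grant["scope"]:
            raise PermissionError("token lacks scope: " + scope)
        # The grant, not anything the client claims, selects whose data is read.
        return self._data[grant["owner"]][scope]

def demo():
    """Client role: a game (hypothetical 'game-app') reading alice's profile."""
    auth = AuthorizationServer({"alice": "correct horse"})
    rs = ResourceServer(auth, {"alice": {"profile": "Alice A.", "friends": ["bob"]}})
    token = auth.issue_token("game-app", "alice", "correct horse", ["profile"], True)
    return auth, rs, token
```

The client only ever holds the token: the resource server returns `alice`'s profile for it, and refuses the `friends` scope that the owner never approved.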
