OAuth2 0 Flow Step by Step | Authorization Technique | Day 9 | Interview Question

What is 𝐎𝐀𝐮𝐭𝐡𝟐.𝟎 : This is an 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐚𝐭𝐢𝐨𝐧 mechanism 𝐧𝐨𝐭 𝐀𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐢𝐨𝐧 mechanism 𝐎𝐚𝐮𝐭𝐡 stands for 𝐎𝐩𝐞𝐧 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐚𝐭𝐢𝐨𝐧 as this is open standard 𝐎𝐚𝐮𝐭𝐡𝟐.𝟎 is 𝐩𝐫𝐨𝐭𝐨𝐜𝐨𝐥 or we can call it a 𝐅𝐫𝐚𝐦𝐞𝐰𝐨𝐫𝐤 as well 𝐏𝐮𝐫𝐩𝐨𝐬𝐞: Oauth2.0 is used to 𝐚𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐞 𝟑𝐫𝐝 𝐩𝐚𝐫𝐭𝐲 𝐚𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬 to access 𝐫𝐞𝐬𝐨𝐮𝐫𝐜𝐞𝐬 of user on behalf of User 𝐑𝐨𝐥𝐞𝐬 in OAuth2.0: 1. 𝐑𝐞𝐬𝐨𝐮𝐫𝐜𝐞 𝐎𝐰𝐧𝐞𝐫: Person who owns the resources 2. 𝐂𝐥𝐢𝐞𝐧𝐭: 3rd party application that want to access Resource owner resources. So, it should have the Access token of the Resource owner 3. 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐚𝐭𝐢𝐨𝐧 𝐒𝐞𝐫𝐯𝐞𝐫: Authorization server helps client obtaining access token of Resource owner 4. 𝐑𝐞𝐬𝐨𝐮𝐫𝐜𝐞 𝐒𝐞𝐫𝐯𝐞𝐫: Once the client has Access Token it can use the access token to access Resource owners protected resources. How 𝐎𝐚𝐮𝐭𝐡𝟐.𝟎 flow 𝐰𝐨𝐫𝐤𝐬? ⭐ First Client should be 𝐫𝐞𝐠𝐢𝐬𝐭𝐞𝐫𝐞𝐝 against OAuth server to obtain client id and client secret ⭐ Now client will make 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐚𝐭𝐢𝐨𝐧 𝐑𝐞𝐪𝐮𝐞𝐬𝐭 to Authorization server with client id and client secret ⭐ Now 𝐑𝐞𝐬𝐨𝐮𝐫𝐜𝐞 𝐨𝐰𝐧𝐞𝐫 need to enter credentials to 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐞 𝟑𝐫𝐝 𝐩𝐚𝐫𝐭𝐲 𝐚𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬 to access Resource Owner resources ⭐ Once Resource owner grant the permission, Authorization server will issue 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐚𝐭𝐢𝐨𝐧 𝐜𝐨𝐝𝐞 based on Grant Type ⭐Now, client need to hit Token end point to obtain 𝐀𝐜𝐜𝐞𝐬𝐬 𝐓𝐨𝐤𝐞𝐧 by passing Authorization Code received in previous step ⭐With Access Token client can now access protected 𝐑𝐞𝐬𝐨𝐮𝐫𝐜𝐞𝐬 of Resource owner 𝐆𝐫𝐚𝐧𝐭 𝐓𝐲𝐩𝐞𝐬: -Way of getting Access Token from Authorization Server 𝟏. 𝐀𝐮𝐭𝐡𝐨𝐫𝐢𝐳𝐚𝐭𝐢𝐨𝐧 𝐂𝐨𝐝𝐞: Server issues auth code and auth code is used to get access token 𝟐. 𝐈𝐦𝐩𝐥𝐢𝐜𝐢𝐭: Server issues access token directly 𝟑. 𝐑𝐞𝐬𝐨𝐮𝐫𝐜𝐞 𝐎𝐰𝐧𝐞𝐫: Authorization server issues Access token directly with resource owner credentials 𝟒. 𝐂𝐥𝐢𝐞𝐧𝐭 𝐂𝐫𝐞𝐝𝐞𝐧𝐭𝐢𝐚𝐥𝐬: Client credentials are used to get Access token from Authorization Server Let us meet in video Regards PrinceAutomationDestination