English OAuth Server Overview

OAuth is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, without exposing user credentials. This page provides an overview of the OAuth server on our platform.

What is OAuth?

OAuth is an open standard for authorization that provides a secure way for users to grant third-party access to their resources without sharing their credentials. It allows applications to access user data on behalf of the user, with the user's consent.

OAuth Server Features

• Secure Access: OAuth ensures that user credentials are not exposed to third-party applications.
• Scopes: Applications can request specific scopes of access, allowing users to control the level of access granted.
• Token-based Authentication: OAuth uses tokens to authenticate requests, which are short-lived and can be easily revoked.

How to Use the OAuth Server

1. Register an Application: First, you need to register your application on the OAuth server to obtain client credentials.
2. Obtain an Access Token: Once registered, your application can use the client credentials to obtain an access token.
3. Access User Resources: Use the access token to access the user's resources on the HTTP service.

Additional Resources

For more detailed information about OAuth and how to implement it in your application, please refer to the following resources:

• OAuth 2.0 Authorization Framework
• OAuth 2.0 Threat Model and Security Considerations

OAuth Flow Diagram