OAuth 2.0 – authorizing user access
OAuth 2.0 is an authorization protocol that allows a user to authorize access to data and APIs (resources) from one application to another. Even though OAuth 2.0 is not an authentication protocol, the user often must be authenticated by the application providing access before access to resources can be authorized. In a nutshell, using the OAuth 2.0 protocol, a website that a user is trying to log into (also known as a service provider) can request authorization of the user from an identity provider (i.e. the SSO server). The identity provider can authenticate the user however it chooses and can even prompt the user to authorize the service provider's access. The service provider then receives an access token, which it can use to call APIs or access the user’s data or identity information, so the user can be logged into the website and perform the operations the website requires.
You can read a more in-depth explanation of OAuth 2.0 in this Medium article. OmniDefend fully implements the OAuth 2.0 protocol and you can use OmniDefend to perform SSO to applications that support the protocol. In addition, if you are developing your own application, you can use the OAuth 2.0 protocol to allow users to use OmniDefend authentication to log into your website in a secure way.
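The flow described above, seen from the service provider's side, as an added example that is not OmniDefend's code or part of the original article. It assumes the authorization code grant with PKCE (the article does not name a grant type), and the endpoint, client ID and redirect URI are hypothetical placeholders.

```python
import base64, hashlib, hmac, secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Hypothetical endpoint and client values, not OmniDefend's real ones.
AUTHORIZE_URL = "https://sso.example.com/oauth2/authorize"
CLIENT_ID = "demo-client"
REDIRECT_URI = "https://app.example.com/callback"

def build_authorization_request(scope="openid profile"):
    """Step 1: the service provider redirects the user to the identity provider."""
    state = secrets.token_urlsafe(32)      # binds the callback to this browser session
    verifier = secrets.token_urlsafe(64)   # PKCE code_verifier (RFC 7636), kept server-side
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    challenge = base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")
    params = {
        "response_type": "code", "client_id": CLIENT_ID, "redirect_uri": REDIRECT_URI,
        "scope": scope, "state": state,
        "code_challenge": challenge, "code_challenge_method": "S256",
    }
    return f"{AUTHORIZE_URL}?{urlencode(params)}", state, verifier

def handle_callback(callback_url, expected_state):
    """Step 2: validate the redirect back from the identity provider."""
    query = parse_qs(urlparse(callback_url).query)
    returned_state = query.get("state", [""])[0]
    # Reject callbacks not tied to a request this session started (login CSRF).
    if not hmac.compare_digest(returned_state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    if "error" in query:                   # e.g. the user declined the consent prompt
        raise PermissionError(query["error"][0])
    if "code" not in query:
        raise ValueError("missing authorization code")
    return query["code"][0]

def build_token_request(code, verifier):
    """Step 3: form body the service provider POSTs to the token endpoint."""
    return {
        "grant_type": "authorization_code", "code": code,
        "redirect_uri": REDIRECT_URI, "client_id": CLIENT_ID,
        "code_verifier": verifier,
    }

if __name__ == "__main__":
    url, state, verifier = build_authorization_request()
    # Constructed callback, as the identity provider would send after login.
    code = handle_callback(f"{REDIRECT_URI}?code=abc123&state={state}", state)
    print(url)
    print(build_token_request(code, verifier))
```

The token endpoint's response to the step 3 request carries the access token; `state` and `verifier` must be stored in the user's server-side session between steps 1 and 2.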