OAuth 2.0 Authentication

OAuth stands for Open Authentication

OAuth 1.0 was designed only for the web Browsers which was enhanced to support apps, APIs, non browser apps etc in OAuth 2.0.

• Users and Credentials are stored in a Authentication server eg. Google

Credentials are made of Scope and Claim

• Scope: Information that can be accessed
• Claim: Set of key-value pairs

User authenticates against an auth server Only ONCE

• Using the same Authentication Token all Microservices that use the same Auth Server can be accessed.(if its allowed)