Wednesday, 17 June 2020

OAUTH2

What is OAuth2?

I went to Krutunga restaurant in my car. The restaurant has a parking person, and I hand over my car keys to him. He parks my car in the parking area.

What does this mean?

I am delegating my access to the hotel parking person so that he can park my car.

I (Ramesh) - Resource Owner - User Context
Hotel Parking Person - Client - Client Context
Car - Resource

OAuth2 has 2 contexts: 1) User Context 2) Client Context. Don't confuse them.

OAuth2 is a "Delegate Access Protocol".

OAuth2 has 4 main pillars:
1) End User - Resource Owner
2) Client - Web application client / any other
3) Authorization Server
4) Resource


Difference between Password Credentials and Authorization Code?

In Password Credentials, the end user (Ramesh) gives his credentials to the webapp client. The webapp client then sends both sets of credentials (end user credentials + webapp client credentials) to the authorization server.

In the case of Authorization Code,
1) The end user (Ramesh) does not share his credentials with the webapp client.
Instead, the authorization server presents a login form, the end user enters his credentials in that login form, and the authorization server evaluates them.

For an Authorization Code example, see:
https://www.linkedin.com/pulse/basic-oauth2-concepts-ramesh-vankayala-ramesh-vankayala/?published=t
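The difference between the two grants shows up in what the webapp client has to handle. The following is an added example, not code from the original post: it builds the requests for both grants using the RFC 6749 parameter names, and the endpoint, client id, redirect URI and user values are constructed placeholders.

```python
# Added example. Parameter names follow RFC 6749; every URL, id and
# credential value below is a constructed placeholder.
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

AUTHZ_ENDPOINT = "https://auth.example.com/authorize"   # hypothetical
CLIENT_ID = "webapp-client"                             # constructed
REDIRECT_URI = "https://webapp.example.com/callback"    # hypothetical


def password_grant_body(username, password):
    """Token request body for Password Credentials.
    The client must hold the end user's password to build it; the client's
    own credentials are sent alongside (typically HTTP Basic)."""
    return {"grant_type": "password", "username": username, "password": password}


def authorization_url(state):
    """URL the client redirects the browser to for Authorization Code.
    The login form is served by the authorization server, so no user
    credential appears in anything the client builds."""
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": REDIRECT_URI, "state": state})
    return f"{AUTHZ_ENDPOINT}?{query}"


def code_grant_body(callback_url, expected_state):
    """Check the redirect back to the client, then build the token request."""
    params = parse_qs(urlparse(callback_url).query)
    state = params.get("state", [""])[0]
    # state ties the callback to the session that started the flow
    if not secrets.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback not tied to this session")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return {"grant_type": "authorization_code", "code": params["code"][0],
            "redirect_uri": REDIRECT_URI}


def exposes_user_password(body):
    """True when the client-built request carries the end user's password."""
    return "password" in body


if __name__ == "__main__":
    state = secrets.token_urlsafe(16)
    print(authorization_url(state))
    callback = f"{REDIRECT_URI}?code=constructed-code&state={state}"  # constructed
    print(code_grant_body(callback, state))
    print(password_grant_body("ramesh", "constructed-password"))
```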


I will update soon with diagrams to explain this concept.
