OAuth 2.0 OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for web applications, desktop …

Getting Started Below are some guides to OAuth 2.0 which cover many of the topics needed to understand and implement clients and servers. OAuth 2.0 Simplified OAuth 2.0 Simplified, written by …

Mar 2, 2026 · OAuth Working Group Specifications Current active drafts in the OAuth working group Active Drafts

An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications. Learn more about OAuth 2.0 »

User Authentication with OAuth 2.0 The OAuth 2.0 specification defines a delegation protocol that is useful for conveying authorization decisions across a network of web-enabled applications and APIs. …

RFC 9700: OAuth 2.0 Security Best Current Practice datatracker.ietf.org/doc/html/rfc9700 OAuth 2.0 Security Best Current Practice describes security requirements and ...

OAuth 2.0 Authorization Code Grant tools.ietf.org/html/rfc6749#section-1.3.1 The Authorization Code grant type is used by confidential and public clients to exchange ...

OAuth 2.1 datatracker.ietf.org/doc/html/draft-ietf-oauth-v2-1 OAuth 2.1 is an in-progress effort to consolidate and simplify the most commonly used features of OAuth ...

RFC 7662: Token Introspection tools.ietf.org/html/rfc7662 The Token Introspection extension defines a mechanism for resource servers to obtain information about ...

RFC 6749 Section 2.3: OAuth 2.0 Client Authentication rfc-editor.org/rfc/rfc6749#section-2.3 Confidential clients authenticate when making requests to the OAuth ...