OAuth is an authorization method used to provide access to resources over the HTTP protocol.
OAuth 1 can be used for authorization of various applications or manual user access.
The general way it works is providing an application with an access token (which represents a user’s permission for the client to access their data) for request authentication.
There are two versions of OAuth authorization: OAuth 2.0 (it uses the HTTPS protocol to pass tokens) and OAuth 1 (it uses HMAC-SHA signature strings).
OAuth 1 Terms
OAuth 1 has a few interacting components:
- User is a person who wants to get access.
- Consumer is an application or website that uses OAuth to access the Service Provider.
- Service Provider is a web application that allows access via OAuth.
- Protected Resource is the data the user wants to access.
OAuth 1 Authorization uses Request Token and Access Token to get access to the resources on the resource server.
The tokens can have different formats and structures based on the service provider security requirements.