Add more security sensitive examples to intro to illustrate suitability

oauth-wg / oauth-v2-1

OAuth 2.1 is a consolidation of the core OAuth 2.0 specs

https://oauth.net/2.1/

Other

52 stars 27 forks source link

Add more security sensitive examples to intro to illustrate suitability #122

Open tlodderstedt opened 2 years ago

tlodderstedt commented 2 years ago

A bit about OAuth adoption in scenarios beyond its original scope (e.g. Open Banking).

aaronpk commented 2 days ago

With OAuth, an end user (resource owner) can grant a printing service (client) access to their protected photos stored at a photo- sharing service (resource server), without sharing their username and password with the printing service. Instead, they authenticate directly with a server trusted by the photo-sharing service (authorization server), which issues the printing service delegation- specific credentials (access token).

aaronpk commented 2 days ago

Related to #168