Monday, April 1, 2013

OAuth 2.0 - Roles

OAuth Roles

OAuth defines four roles:

  • Resource Owner: The entity or end-user who owns the resources. These resources are referred to as 'protected resources'. The resource owner alone controls the right to grant different third-party applications access to its restricted resources.
  • Resource Server: The server that hosts the protected resources.
  • Client: Any application interacting with the Resource server to access the protected resources on behalf of the resource owner.
  • Authorisation server: The server issuing access tokens to the client after successfully authenticating the Resource owner and obtaining authorisation.

The authorisation server may be the same server as the Resource server or a separate entity. A single Authorisation server may issue access tokens to multiple Resource servers.
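The four roles can be modelled in a few lines. The sketch below is an added example, not code from the original post: one Authorisation server serves two Resource servers, and each Resource server accepts only tokens issued for it. The class names, the HMAC-signed token format, the `aud` claim and the in-process `introspect` call are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, secrets, time

class AuthorizationServer:
    """Issues access tokens once the resource owner has authenticated and approved."""
    def __init__(self):
        self._key = secrets.token_bytes(32)  # signing key, constructed for the demo

    def issue_token(self, owner, client_id, audience, owner_approved, ttl=300):
        if not owner_approved:  # only the resource owner can grant access
            raise PermissionError("resource owner did not authorise the client")
        claims = {"sub": owner, "client": client_id, "aud": audience,
                  "exp": int(time.time()) + ttl}
        body = base64.urlsafe_b64encode(json.dumps(claims).encode()).decode()
        sig = hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()
        return body + "." + sig

    def introspect(self, token):
        """Return the claims of a valid, unexpired token, or None."""
        body, _, sig = token.partition(".")
        expected = hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):  # verify before parsing
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
        return claims if claims["exp"] > time.time() else None

class ResourceServer:
    """Hosts protected resources and checks every token with the authorisation server."""
    def __init__(self, name, auth_server, resources):
        self.name, self.auth_server, self.resources = name, auth_server, resources

    def get(self, token, owner):
        claims = self.auth_server.introspect(token)
        # Reject tokens that are invalid, issued for another resource server
        # (assumed 'aud' claim), or granted by a different resource owner.
        if claims is None or claims["aud"] != self.name or claims["sub"] != owner:
            return 401, None
        return 200, self.resources.get(owner)

def demo():
    auth = AuthorizationServer()  # one authorisation server, two resource servers
    photos = ResourceServer("photos", auth, {"alice": ["beach.jpg"]})
    contacts = ResourceServer("contacts", auth, {"alice": ["bob"]})
    # The client "print-app" obtains a token for the photos server only.
    token = auth.issue_token("alice", "print-app", "photos", owner_approved=True)
    return photos.get(token, "alice"), contacts.get(token, "alice")
```

Because both Resource servers trust the same Authorisation server, the audience check is what stops a token granted for one of them from being replayed against the other.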
