What is OAuth2? A Real World Example.


What is OAuth2? It can seem quite complicated, but it doesn’t have to be. Before OAuth2, when you needed to give software services access to your account, you had to give that service your username and password. This meant there was no way to tell whether it was you or the agent accessing your data as a third party doing so on your behalf. That agent had access to everything in that account and you’d have to change the account password when you decided to cancel that service. Just like when you give somebody the physical key to your apartment, that person then has complete access to everything on the inside. You’d have to change the locks if you decided you no longer wanted to allow that access.

How does it work?

With OAuth2, things are different. For instance, rather than giving away your usernames and passwords, they are replaced with “access tokens.” This changes the way third parties access your account. Read about that and more in this forum blog post by ForgeRock's Jake Feasel, in which he explains the need OAuth2 was created to fill, the basic way it works, and what that has to do with the person you hire to walk your dog.

Check out more about the ForgeRock Identity Platform here.


Who Is Greta Sohn?

Who’s Greta? Greta is our Content Marketing Manager. She graduated from University of Washington (go Dawgs!) with a business degree and has worked in Bay Area tech over the past few years. She loves traveling, spending time with her family dog, and her favorite San Francisco landmark is Sutro Tower. You'll most likely find Greta in the Mission District with cheese in one hand and petting someone else's dog with the other.

Recent Posts:

7 Simple Steps to Modernize Your Legacy IAM

Are you being asked to reduce your growing Identity & Access Management (IAM) costs? Are you being asked to support new business initiatives like Digital Transformation, Bring Your Own Device (BYOD), and other borderless workplace initiatives?

Prevent Data Breaches: Identity Logs and Machine Learning

An identity platform like ForgeRock sits right in the heart of an enterprise, with a view of all apps, identities, devices, and resources attempting to connect with each other.

Privacy and Access Management: Insights from Michael Chertoff

Former DHS Secretary Michael Chertoff Talks About Privacy and Access Management at Gartner’s US Security & Risk Summit

On Tuesday morning at the Gartner Security & Risk Management Summit in National Harbor, Maryland, former DHS Secretary Michael Chertoff sat