Authorization and Access Control Methods

Authorization: It pertains to describing what the user account has access to or doesn’t have access to Pasted image 20260703061916 One very popular open standard for ​authorization and access delegation is OAuth, ​used by companies like Google, Facebook, and Microsoft.

OAuth: An open standard that allows users to grant third-party websites and applications access to their information without sharing account credentials

  • OAuth is commonly used to grant access to third party applications to APIs ​offered by large internet companies like Google, Microsoft and Facebook. Pasted image 20260703062142

 ​OAuth permissions can be used in phishing style attacks to gain access to accounts ​without requiring credentials to be compromised

 ​It’s important to distinguish between OAuth and open ID. ​OAuth is specifically an authorization system and ​open ID is an authentication system though they’re usually used together