Authorization and Access Control Methods
Authorization: It pertains to describing what the user account has access to or doesn’t have access to
One very popular open standard for ​authorization and access delegation is OAuth, ​used by companies like Google, Facebook, and Microsoft.
OAuth: An open standard that allows users to grant third-party websites and applications access to their information without sharing account credentials
- OAuth is commonly used to grant access to third party applications to APIs ​offered by large internet companies like Google, Microsoft and Facebook.

 ​OAuth permissions can be used in phishing style attacks to gain access to accounts ​without requiring credentials to be compromised
 ​It’s important to distinguish between OAuth and open ID. ​OAuth is specifically an authorization system and ​open ID is an authentication system though they’re usually used together