OAuth 2.0 is an authorization framework that provides a common denominator for authorization.
OAuth provides a method for clients to access server resources on behalf of a resource owner (such as a mobile device or an end-user). It also provides a process for end-users to authorize third-party access to their resources without sharing their credentials.
OAuth 2.0 can be used to solve a range of use cases like API access management, posting on someone’s wall, and using IOT services. If you are looking for a specific profile of OAuth 2.0 for attribute release and authentication, you need to look more closely at OpenID Connect (hereafter “Connect”).
We encourage you to read our article, OAuth vs. SAML vs. OpenID Connect, to learn more about how OAuth 2.0 works and how it has been profiled to provide a scalable solution for federated authentication and authorization.