Using Social Media Accounts to log in.

OAuth is a commonly used authorization framework that enables websites and web applications to request limited access to a user's account on another application. Crucially, OAuth allows the user to grant this access without exposing their login credentials to the requesting application. This means users can fine-tune which data they want to share rather than having to hand over full control of their account to a third party.

It works by defining a series of interactions between three distinct parties, namely a client application, a resource owner, and the OAuth service provider.


OAuth code grant type

```
GET /authorization?client_id=12345&redirect_uri=https://client-app.com/callback&response_type=code&scope=openid%20profile&state=ae13d489bd00e3c24 HTTP/1.1
Host: oauth-authorization-server.com
```
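The parameters in the request above can be checked the way an authorization server would before issuing a code. This is an added example, not code from the original notes: the client registry, the allowed scopes, the function name and the policy of requiring `state` are assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed client registry (assumption): exact redirect URIs and allowed scopes.
REGISTERED_CLIENTS = {
    "12345": {
        "redirect_uris": {"https://client-app.com/callback"},
        "scopes": {"openid", "profile"},
    }
}

# Request target taken from the example request on this page.
PAGE_REQUEST = (
    "/authorization?client_id=12345&redirect_uri=https://client-app.com/callback"
    "&response_type=code&scope=openid%20profile&state=ae13d489bd00e3c24"
)

def check_authorization_request(target, clients=REGISTERED_CLIENTS):
    """Return a list of problems found in an authorization request target."""
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    problems = []
    # A repeated parameter is ambiguous, so flag it instead of silently picking one.
    for name, values in query.items():
        if len(values) > 1:
            problems.append(f"duplicate parameter: {name}")
    params = {name: values[0] for name, values in query.items()}

    client = clients.get(params.get("client_id", ""))
    if client is None:
        return problems + ["unknown client_id"]

    # Exact string comparison: no prefix, wildcard or substring matching.
    if params.get("redirect_uri") not in client["redirect_uris"]:
        problems.append("redirect_uri is not registered for this client")
    if params.get("response_type") != "code":
        problems.append("response_type must be 'code' for this grant type")

    requested = set(params.get("scope", "").split())
    if not requested or not requested <= client["scopes"]:
        problems.append("scope is empty or exceeds what the client may request")

    # state is the client's CSRF token; the server echoes it back on the callback.
    if not params.get("state"):
        problems.append("state is missing")
    return problems

if __name__ == "__main__":
    print(check_authorization_request(PAGE_REQUEST))
```
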

Important parameters: