In the customary client server confirmation model, the client (site, portable application) demands for a safeguarded asset on the waiter, by validating with the waiter, utilizing the asset proprietor's accreditations (username and secret phrase). To give outsider applications admittance to confined assets, the asset proprietor imparts it accreditations to the outsider. This method of correspondence and access has a few issues.
1. Client applications are expected to store the asset proprietor's certifications for sometime later, ordinarily a secret key with free text
2. Servers are expected to help secret key confirmation
3. Client applications gain excessively expansive admittance to the asset proprietor's safeguarded assets, passing on asset proprietors with practically no capacity to confine term or access of restricted assets
4. Compromise of any client application brings about compromise of end client's secret key and all of information safeguarded by that secret phrase

How does OAuth 2.0 work?
OAuth2.0 resolves these issues by presenting an approval layer and isolating job of the client from that of the asset proprietor. OAuth is an open norm for access assignment, generally utilized as a way for web clients to concede applications admittance to the data on different sites yet without giving them the passwords. OAuth gives to clients a "got assigned admittance" to server assets in the interest of the asset proprietor. Rather than utilizing the asset proprietor's certifications to get to safeguarded assets, the client gets an entrance token for Sap Brim Services. Access tokens are given to clients by an approval server with the endorsement of the asset proprietor. The client utilizes the entrance token to get to the safeguarded assets facilitated by the asset server.
Utilized by organizations, for example, Google, Facebook, Microsoft, Twitter to allow clients to impart data about their records to outsider applications or sites.