OAuth 2.0 is an authorization framework that enables a third-party application to obtain limited access to a user's resources on an HTTP service. It achieves this by issuing access tokens to the client application after the resource owner (user) grants consent, eliminating the need for the client to handle the user's primary credentials. The core specification defines roles like the resource server, authorization server, and several standardized grant flows (e.g., Authorization Code, Client Credentials) to accommodate different client types.
Glossary
OAuth 2.0

What is OAuth 2.0?
OAuth 2.0 is the industry-standard protocol for delegated authorization, enabling secure, limited API access without sharing user passwords.
For AI agents and tool-calling architectures, OAuth 2.0 provides the secure handshake for authenticating with external APIs. Agents must execute the appropriate grant flow, manage token lifecycles, and respect defined scopes. Key related concepts include OpenID Connect (OIDC) for identity, Bearer Tokens for API requests, and PKCE for securing public clients. This framework is foundational within API authentication flows, ensuring agents can act on a user's behalf within strictly defined permissions.
Core OAuth 2.0 Grant Types (Flows)
OAuth 2.0 defines several standardized authorization flows, or grant types, each designed for a specific client type and security context. Selecting the correct flow is critical for secure API access.
Authorization Code Flow
The primary, most secure flow for server-side web applications. It involves a two-step process where the client first receives an authorization code via the user's browser, then exchanges this code for an access token and a refresh token via a secure back-channel request from the server.
- Use Case: Traditional web applications with a backend server.
- Security Benefit: The access token is never exposed to the user's browser or public client.
- Key Components: Redirect URI, authorization code, client secret.
Authorization Code Flow with PKCE
An extension of the Authorization Code flow designed for public clients that cannot securely store a client secret, such as mobile apps and single-page applications (SPAs). It uses a Proof Key for Code Exchange to prevent authorization code interception attacks.
- PKCE Mechanism: The client creates a cryptographically random
code_verifierand sends a derivedcode_challengewith the initial request. It must later present the originalcode_verifierto exchange the code for a token. - Use Case: Native mobile apps, JavaScript-based SPAs.
- RFC Standard: Defined in RFC 7636.
Client Credentials Flow
A machine-to-machine (M2M) flow where a client application uses its own credentials to authenticate directly with the authorization server and obtain an access token. This flow does not involve a user context.
- Use Case: Service accounts, daemons, backend microservices communicating with other APIs.
- Token Scope: The access token is scoped to the client's own permissions, not a user's.
- Authentication: Typically uses a client ID and client secret (or a signed JWT).
Device Authorization Flow
A flow designed for input-constrained devices that lack a browser or easy text input, such as smart TVs, gaming consoles, or IoT devices. The device initiates the flow and provides a user code and verification URI for the user to complete authorization on a secondary device.
- Process:
- Device requests a user code from the authorization server.
- Device displays the code and URI (e.g.,
https://example.com/activate). - User visits the URI on a phone/computer, enters the code, and consents.
- Device polls the authorization server until the user completes the step, then receives tokens.
- Use Case: Devices with limited input capabilities.
Resource Owner Password Credentials Flow
A flow where the user provides their username and password directly to the client application, which then exchanges them for an access token. This flow is highly discouraged due to significant security risks.
- Risks: The client application gains direct knowledge of the user's long-term credentials, violating core OAuth principles. It should only be used when other flows are impossible.
- Limited Use Case: Migrating legacy systems to OAuth 2.0, or for highly-trusted first-party clients (e.g., a company's own mobile app).
- Deprecation: Modern security best practices strongly favor the Authorization Code flow with PKCE instead.
Implicit Flow (Deprecated)
A legacy flow where the access token was returned directly in the URL fragment of the redirect URI after user consent, without an intermediate authorization code. This flow is now obsolete and deprecated in the OAuth 2.1 specification due to inherent security vulnerabilities.
- Security Flaws: The access token is exposed in the browser history and to any JavaScript on the page, making it susceptible to theft.
- Modern Replacement: The Authorization Code Flow with PKCE provides the same client profile support (SPAs) with vastly improved security and is the required standard for public clients.
- Historical Context: Was once recommended for single-page applications before PKCE was standardized.
OAuth 2.0 Roles and Components
This table defines the four primary roles and key components that interact within the OAuth 2.0 authorization framework, detailing their responsibilities and relationships.
| Role / Component | Definition | Primary Responsibility | Common Implementation |
|---|---|---|---|
Resource Owner | The entity capable of granting access to a protected resource. Typically, this is the end-user. | Authenticate and consent to client access requests. | End-user (human) or a system entity. |
Client | The application making protected resource requests on behalf of the resource owner and with its authorization. | Initiate the authorization flow and use access tokens to access protected resources. | Web server, single-page app (SPA), mobile app, or backend service. |
Authorization Server | The server that authenticates the resource owner, obtains consent, and issues access tokens to the client after successful authorization. | Issue access tokens and refresh tokens. Validate client credentials and authorization grants. | Dedicated service (e.g., Keycloak, Auth0, Okta) or an identity provider's token endpoint. |
Resource Server | The server hosting the protected resources, capable of accepting and responding to protected resource requests using access tokens. | Validate access tokens presented by clients and serve the requested protected resources if the token is valid and authorized. | API backend (REST, GraphQL) that checks token signatures, scopes, and expiration. |
Authorization Grant | A credential representing the resource owner's authorization, used by the client to obtain an access token. | Convey the client's right to request a token. Types include authorization code, implicit, client credentials, and resource owner password. | An authorization code string, a set of client credentials, or a username/password pair. |
Access Token | A credential used to access protected resources. A string denoting specific scopes, lifetime, and other access attributes. | Convey authorization information from the client to the resource server. | Opaque string or a structured JSON Web Token (JWT). |
Refresh Token | A credential used to obtain a new access token when the current one expires, without re-prompting the resource owner. | Maintain persistent access for a client within the bounds of the original consent. | Long-lived, opaque string issued by the authorization server and stored securely by the client. |
Scope | A mechanism to limit an application's access to a user's account. Represents a specific permission. | Define the breadth of access granted by the resource owner to the client. | Space-delimited list of strings (e.g., 'read:contacts write:calendar'). |
Frequently Asked Questions
Answers to common technical questions about the OAuth 2.0 authorization framework, focusing on its mechanisms, security, and integration for AI agents and backend systems.
OAuth 2.0 is an industry-standard authorization framework that enables a third-party application to obtain limited access to a user's resources on an HTTP service without exposing the user's credentials. It works by delegating user authentication to the service that hosts the user account and authorizing third-party applications to access the user account with an access token.
The core flow involves four key roles:
- Resource Owner: The user who owns the data.
- Client: The third-party application requesting access.
- Authorization Server: The server that authenticates the user and issues tokens.
- Resource Server: The API server hosting the protected data.
The client redirects the user to the authorization server. After the user authenticates and grants consent, the authorization server issues an access token to the client. The client then uses this token to make authorized requests to the resource server on the user's behalf.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
OAuth 2.0 operates within a broader ecosystem of authentication and authorization standards. These related concepts define the specific protocols, token formats, and security models that complete the picture of secure API access.
OpenID Connect (OIDC)
OpenID Connect is an identity layer built on top of OAuth 2.0. While OAuth provides authorization (permission to act), OIDC provides authentication (verification of identity). It standardizes how clients receive identity information about the end-user.
- Core Component: The ID Token, a JSON Web Token (JWT) containing verified user claims (e.g., name, email).
- Flow: Uses the OAuth 2.0 Authorization Code flow, adding an
openidscope and theid_tokenresponse. - Use Case: Enabling Single Sign-On (SSO) across multiple applications by providing a standardized way to verify user identity.
JSON Web Token (JWT)
A JSON Web Token is a compact, URL-safe token format defined in RFC 7519. It is the de facto standard for representing OAuth 2.0 access tokens and OpenID Connect ID tokens.
- Structure: A string with three Base64Url-encoded parts separated by dots: Header.Payload.Signature.
- Payload: Contains claims—statements about an entity (e.g., user, client) and additional metadata like issuer (
iss), subject (sub), and expiration (exp). - Self-Contained: The signature allows a resource server to validate the token's integrity and authenticity without a call to the authorization server, provided it has the correct public key.
Proof Key for Code Exchange (PKCE)
PKCE (pronounced "pixy") is a critical security extension (RFC 7636) to the OAuth 2.0 Authorization Code flow, designed to protect public clients like mobile apps and single-page applications (SPAs).
- Mechanism: The client creates a cryptographically random code verifier and derives a code challenge from it. The challenge is sent with the initial authorization request; the verifier is sent when exchanging the authorization code for a token.
- Threat Mitigation: Prevents authorization code interception attacks where a malicious actor steals the code from a public client.
- Requirement: Now considered mandatory for all authorization code flows involving public clients.
Client Credentials Flow
The Client Credentials flow is an OAuth 2.0 grant type designed for machine-to-machine (M2M) communication where no end-user is involved. A client application authenticates with its own identity to access its own protected resources.
- Process: The client sends its
client_idandclient_secretdirectly to the authorization server's token endpoint to receive an access token. - Token Scope: The access token is scoped to the permissions assigned to the client application itself, not delegated from a user.
- Typical Use: Backend service calling another internal or partner API, automated daemons, and cron jobs.
Bearer Token Usage
A Bearer Token is the most common type of OAuth 2.0 access token. The term "bearer" means anyone in possession of the token (the "bearer") can use it to access associated resources.
- Transmission: Sent in the HTTP
Authorizationheader:Authorization: Bearer <token>. - Security Implication: This model requires strong transport-layer security (TLS/HTTPS) to prevent token interception. If a token is leaked, it can be used by an attacker until it expires or is revoked.
- Validation: The resource server must validate the token's signature, expiration, issuer, audience, and scopes before granting access.
Scope
In OAuth 2.0, a scope is a mechanism to limit an application's access to a user's account or a client's permissions. Scopes represent a specific subset of access rights.
- Definition: A space-separated list of case-sensitive strings defined by the authorization server (e.g.,
read:contacts,write:files). - Consent Screen: Presented to the user during authorization, allowing them to see and approve the specific permissions requested.
- Token Binding: The granted scopes are embedded within the access token. The resource server must check that the token contains a scope permitting the requested action before fulfilling the API call.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us