Lesson: https://frontend.turing.io/lessons/module-4/oauth/index.html
Open-Authorization
- open standard for implementing token-based authentication and authorization
The act of generateing a token to identify a user is considered the authentication "handshake".
- authentication "handshake" - generatign a token to identify a user
What do we mean when we say something is an "Open Standard"?
- "The term "open standard" is a little vague, but essentially describes a specification that is open to the public and free to be implemented by application developers."
What is the difference between authentication and authorization?
- authentication refers to checking out the who. Who is authorized to access this data and is this user trying them? Authorization on the other hand refers to what is allowed to be done/accessed.
Describe the process of token-based authorization.
- The process of authorized based tokens is first the client asks for an authorization token...
see diagram