
Episode 376: Justin Richer On API Security with OAuth 2
Software Engineering Radio - the podcast for professional software developers
What Is OAuth and How Does It Work?
The fundamental use of OAuth is so a user or something that's trying to access a protected resource doesn't get your private credentials. So I think most of us are used to seeing this type of interaction when we allow another application to access our details. For example, say Dropbox or logging in with a Google account and basically just approving access for something. That's really the world that OAuth came from. And it really was a reaction to... web APIs were being built and deployed with this pattern of just protecting them, protect them with HTTP basic auth and just ask for the user's username.