What is OAuth2?
OAuth2 is an authentication protocol that allows external applications to access user data or act as a user. Here are a few examples to help grasp the OAuth concept:
- Tweet Scheduler — An application where the user writes and schedules the tweet for a specific date and time
- Calendar bot — A bot on top of Google calendar that will accept or reject calendar invites based on a predefined schedule
In both cases, the application acts as the user and performs the action (tweeting/accepting the invite) for them.
How does OAuth2 work?
- The client application registers itself to the OAuth provider. In the case of the Tweet scheduler, the application is registered with Twitter.
- When a user starts using the client application, they are requested to authorize the application to act on behalf of the user.
- Once the user approves and grants the necessary permissions, an access_token with an expiry is generated.
- This access_token will be used by the client application in the future to perform actions on behalf of the user.
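The four steps above from the client application's side, as an added example that is not code from the original post. It assumes the authorization code grant (the post does not name a grant type); the provider URL, client ID, redirect URI and scope name are constructed placeholders, and the provider's replies are simulated so it runs offline.

```python
import hmac, secrets, time
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed placeholders standing in for the registration from step 1.
AUTHORIZE_URL = "https://provider.example/oauth/authorize"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://scheduler.example/callback"

def build_authorization_url(scope):
    """Step 2: send the user to the provider; `state` ties the reply to this session."""
    state = secrets.token_urlsafe(32)
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": REDIRECT_URI, "scope": scope, "state": state})
    return f"{AUTHORIZE_URL}?{query}", state

def code_from_callback(callback_url, expected_state):
    """Accept the authorization code only if `state` matches the one we issued."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise PermissionError(f"authorization refused: {params['error'][0]}")
    returned = params.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise PermissionError("state mismatch: callback is not for this session")
    code = params.get("code", [""])[0]
    if not code:
        raise PermissionError("callback carried no authorization code")
    return code

class AccessToken:
    """Step 3: the token endpoint's JSON reply, stored with an absolute expiry."""
    def __init__(self, response, now=None):
        self.value = response["access_token"]
        issued = time.time() if now is None else now
        self.expires_at = issued + int(response["expires_in"])

    def auth_header(self, now=None, skew=30):
        """Step 4: refuse to send a token that has expired or is about to."""
        current = time.time() if now is None else now
        if current >= self.expires_at - skew:
            raise PermissionError("access_token expired: re-authorize the user")
        return {"Authorization": f"Bearer {self.value}"}

if __name__ == "__main__":
    url, state = build_authorization_url("write")
    # Constructed callback, shaped like the provider's redirect after approval.
    code = code_from_callback(f"{REDIRECT_URI}?code=abc123&state={state}", state)
    # Constructed token reply; a real client POSTs `code` to the token endpoint.
    token = AccessToken({"access_token": "tok-1", "expires_in": 3600}, now=0)
    print(code, token.auth_header(now=10))
```
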
Auth0 and OAuth2
Auth0 is an easy-to-implement, adaptable authentication and authorization platform. By default, it provides connectors to authenticate with major applications.
Connecting to these existing platforms is as simple as filling out a Google Form. But recently, I worked with StackExchange, which is not a direct provider for Auth0. To support applications not listed among the providers, Auth0 has a generic connector. For the rest of this blog post, let's see how to configure and connect to such a provider.
Connect to Custom OAuth2 Provider
Originally published at https://bhavaniravi.com.