OAuth2 is an authentication method where you allow clients to access resources in a server by authenticating in a different server. I am building a system where I will need this infrastructure, so I will do my best to explain how to build and use an OAuth2 server.
- Resource owner: This is a person. Let’s call him Adrian.
- Resource server: This is a server where Adrian’s information lives (along with other people’s information). The resource server needs to show Adrian only his information. We’ll call this the app server.
- Client: This can be a browser or an app that Adrian uses to interact with the app server. This is the browser.
- Authorization server: This is our OAuth server. It validates user credentials and assigns tokens, among other things. We’ll call this one the OAuth server.