OAuth 2.0 is an open authorisation framework that enables applications to obtain limited access to user accounts on third-party services without exposing user credentials. It works by delegating authentication to the service hosting the user account and authorising third-party applications via access tokens with defined scopes, separating the concerns of resource ownership from resource access.
OAuth 2.0 is the industry standard for API authorisation and underpins single sign-on (SSO) implementations across enterprise environments. From a security perspective, proper implementation requires attention to token lifecycle management, scope minimisation, redirect URI validation, and the use of PKCE (Proof Key for Code Exchange) for public clients to prevent authorisation code interception attacks.
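Two of the checks named above in working form, as an added illustration rather than code from any particular OAuth library: S256 PKCE generation and verification as specified in RFC 7636, plus exact-match redirect URI validation (the registered URI set, the function names and the `scope` helper are assumptions for the example).

```python
import base64
import hashlib
import secrets
from urllib.parse import urlsplit


def _b64url(raw: bytes) -> str:
    # base64url without padding, as RFC 7636 requires for verifier and challenge
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def make_code_verifier(nbytes: int = 32) -> str:
    # 32 random bytes encode to 43 characters, the RFC 7636 minimum;
    # the client keeps this secret until the token request
    return _b64url(secrets.token_bytes(nbytes))


def make_code_challenge(verifier: str) -> str:
    # S256 method: challenge = BASE64URL(SHA256(ASCII(verifier)))
    return _b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def verify_pkce(verifier: str, stored_challenge: str) -> bool:
    # Authorisation server side: recompute the challenge from the verifier sent
    # with the code and compare in constant time to the one stored with the code
    return secrets.compare_digest(make_code_challenge(verifier), stored_challenge)


# Constructed sample of the redirect URIs registered for one client
REGISTERED_REDIRECT_URIS = {"https://app.example/callback"}


def redirect_uri_allowed(candidate: str, registered=REGISTERED_REDIRECT_URIS) -> bool:
    # Exact string match only: no prefix, wildcard or substring matching,
    # which is what lets lookalike hosts and path tricks slip through
    parts = urlsplit(candidate)
    if parts.scheme != "https" or parts.fragment:
        return False
    return candidate in registered


def scopes_allowed(requested: str, client_max_scopes: set) -> bool:
    # Scope minimisation: a client may only ask for a subset of what it was registered for
    wanted = set(requested.split())
    return bool(wanted) and wanted <= client_max_scopes
```

The first assertion in a quick check can use the RFC 7636 Appendix B vector, whose verifier `dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk` yields the challenge `E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM`.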