OAuth 2.0

OAuth 2.0 is the standard authorization framework for delegated access. It lets a client obtain limited access to a resource owner's data without handling their credentials. OAuth 2.0 is defined by RFC 6749; modern usage should follow OAuth 2.1 guidance, which removes deprecated flows and bakes in PKCE.