OAuth 2.0 is the standard that enables delegated authorization between services. It is mostly used in SSO ("login with ...") flows.
Entities in OAuth
- Resource Owner : The entity that owns the resource (typically the end user).
- Client : The service requesting access to the resource on behalf of the owner.
- Authorization Server : Server that authenticates the resource owner and issues access tokens to the client.
- Resource Server : Server hosting the resources the client requests to access; it accepts the access token.
The Flow :
- The client requests authorization from the resource owner
- The client receives an authorization grant from the resource owner
- The client presents the authorization grant to the authorization server
- The client receives an access token from the authorization server
- The client presents the access token to the resource server
- The client receives the resource from the resource server
This is basically how "Login with Google" works for many services.
OAuth has different grant types for different use cases, but the main ones are the authorization code grant (more secure but has more steps) and the implicit grant (less secure but faster). More information about the others can be found here: https://datatracker.ietf.org/doc/html/rfc6749
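As an added example (not from the original notes and not any real OAuth library), the six-step flow above, simulated with the authorization code grant in Python using an in-memory authorization server and resource server; the client id, client secret, redirect URI, scope and user names are constructed. It also shows two checks the bare step list leaves implicit: the client verifies that the `state` it sent comes back unchanged, and the authorization server redeems each code only once and only for the client it was issued to.

```python
import secrets, time
# All client ids, secrets, URIs and users below are constructed for the demo.
class AuthorizationServer:
    def __init__(self):
        self.clients = {"photo-app": {"redirect_uri": "https://photo-app.example/cb",
                                      "secret": "client-secret-demo"}}
        self.codes = {}   # code -> (client_id, user, scope, expiry)
        self.tokens = {}  # access token -> (user, scope, expiry)

    def authorize(self, client_id, redirect_uri, scope, user, state):
        """Steps 1-2: the owner consents; the server issues a short-lived, single-use code."""
        client = self.clients.get(client_id)
        if client is None or client["redirect_uri"] != redirect_uri:
            raise ValueError("unknown client or redirect_uri mismatch")
        code = secrets.token_urlsafe(32)
        self.codes[code] = (client_id, user, scope, time.time() + 60)
        return {"code": code, "state": state}  # state is echoed back unchanged

    def token(self, client_id, client_secret, code, redirect_uri):
        """Steps 3-4: the client redeems the code, authenticating itself, for a token."""
        client = self.clients.get(client_id)
        entry = self.codes.pop(code, None)  # pop: a code can be redeemed only once
        if client is None or not secrets.compare_digest(client["secret"], client_secret):
            raise PermissionError("invalid client credentials")
        if (entry is None or entry[0] != client_id or entry[3] < time.time()
                or client["redirect_uri"] != redirect_uri):
            raise PermissionError("invalid, expired or reused code")
        tok = secrets.token_urlsafe(32)
        self.tokens[tok] = (entry[1], entry[2], time.time() + 3600)
        return {"access_token": tok, "token_type": "Bearer", "expires_in": 3600}

class ResourceServer:
    def __init__(self, auth_server):
        self.auth = auth_server  # demo shortcut: shares the token store directly

    def get_profile(self, bearer):
        """Steps 5-6: validate the bearer token and scope, then serve the resource."""
        entry = self.auth.tokens.get(bearer)
        if entry is None or entry[2] < time.time() or "profile" not in entry[1].split():
            raise PermissionError("invalid token or insufficient scope")
        return {"user": entry[0]}

def run_flow(auth, rs, user="alice"):
    """Drive the six steps for one user and return the protected resource."""
    state = secrets.token_urlsafe(16)  # binds the redirect back to this client session
    resp = auth.authorize("photo-app", "https://photo-app.example/cb", "profile", user, state)
    if not secrets.compare_digest(resp["state"], state):
        raise ValueError("state mismatch: redirect not from our own request")
    tok = auth.token("photo-app", "client-secret-demo", resp["code"], "https://photo-app.example/cb")
    return rs.get_profile(tok["access_token"])
```

In a real deployment the resource server would validate the token by introspection or signature rather than by sharing the authorization server's store, and the client secret would never be embedded in code.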