OAuth is an open standard for authorization.
OAuth provides a method for clients to access server resources on behalf of a resource owner (such as a different client or an end-user). It also provides a process for end-users to authorize third-party access to their server resources without sharing their credentials (typically, a username and password pair), using user-agent redirections.
The most popular use case is letting people sign in to a website with a social account (Facebook, Google, Twitter, …) and then access some of that site's public services without having to officially register an account.
Because of that feature, it can also serve as a Single Sign-On (SSO) solution.
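The user-agent redirection described above, as an added example that is not code from the original post: it builds the redirect to the authorization server and validates the redirect that comes back, following the authorization code grant of RFC 6749. The endpoint, client ID, redirect URI and function names are made-up placeholders.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Placeholders (assumptions for this example, not real services).
AUTHORIZE_ENDPOINT = "https://auth.example.com/oauth/authorize"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://app.example.org/callback"


def build_authorization_request(scope):
    """Return (url, state): where to send the user-agent, and the value to
    keep in the user's session for checking the callback."""
    state = secrets.token_urlsafe(32)  # unguessable; binds callback to session
    query = urlencode({
        "response_type": "code",  # authorization code grant
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": scope,
        "state": state,
    })
    return f"{AUTHORIZE_ENDPOINT}?{query}", state


def handle_callback(callback_url, expected_state):
    """Validate the redirect back from the authorization server and return
    the authorization code; raise ValueError on anything unexpected."""
    got, want = urlsplit(callback_url), urlsplit(REDIRECT_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback arrived at an unexpected redirect URI")
    params = parse_qs(got.query)
    state = params.get("state", [""])[0]
    # Constant-time comparison; a missing or wrong state means the response
    # does not belong to this session (CSRF, RFC 6749 section 10.12).
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    if "error" in params:  # e.g. access_denied when the user refuses
        raise ValueError("authorization failed: " + params["error"][0])
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]
```

The returned code is then exchanged for an access token in a direct request from the client to the authorization server, so the user's password is only ever entered at the authorization server.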
OAuth is a service that is complementary to, and therefore distinct from, OpenID.
OpenID was the original authentication service that inspired OAuth, but OpenID was only for “authentication”, not “authorization”.
OpenID Connect is OpenID's later attempt to address that shortcoming. It supports both “authentication” and “authorization” quite well, because it is actually an abstraction layer on top of OAuth 2.0.
(to be updated).