Glossary

A | B | C | D | E | I | K | L | M | N | O | P | R | S | T | U | V | W | Y | Z

O

The Initiative for Open Authentication (OATH) is an organization that develops open standards that enable strong authentication of all users on all devices, across all networks.
OAuth 2.0 is an open-standard protocol for authorization. OAuth attempts to provide a standard way for developers to offer their services via an API without forcing their users to expose their credentials. As such, Oauth 2.0 allows users to grant limited access to their private resources on one site (which is called the Service Provider), to another site (called Consumer) without revealing their passwords or other credentials. To get access to the protected resources, OAuth 2.0 uses access tokens - a string representing the granted permissions. OAuth has built-in support for desktop applications, mobile devices, set-top boxes, and websites.
OpenID Connect is an identity layer on top of the OAuth 2.0 framework. It allows third-party applications to verify the identity of the end-user and to obtain basic user profile information. While the OAuth framework helps users grant access, OpenID helps ensure the users are really who they say they are.
One-time Password (OTP) is a password that is valid for only one login session or transaction. One-time Passwords can be supported as an authentication factor in Multi-factor Authentication implementations.