OAuth 2.0 is an open-standard protocol for authorization. OAuth attempts to provide a standard way for developers to offer their services via an API without forcing their users to expose their credentials. As such, Oauth 2.0 allows users to grant limited access to their private resources on one site (which is called the Service Provider), to another site (called Consumer) without revealing their passwords or other credentials. To get access to the protected resources, OAuth 2.0 uses access tokens - a string representing the granted permissions. OAuth has built-in support for desktop applications, mobile devices, set-top boxes, and websites.