About OAuth 1.0 Authentication

OAuth Logo

OAuth is an authorization method that provides access to resources over the HTTP protocol.

Usage

OAuth 1.0 authorizes access for applications and manual user access.

The consumer application receives an access token representing a user's permission to access their data, and uses it to authenticate requests.

A sample OAuth flow

OAuth Versions

OAuth authorization has two versions: OAuth 2.0 (which passes tokens over the HTTPS protocol) and OAuth 1, which uses HMAC-SHA signature strings.

OAuth 1 Terms

OAuth 1.0 has the following interacting components:

  • User - a person who wants to access a resource.

  • Consumer - an application or website that uses OAuth to access the Service Provider.

  • Service Provider - a web application that allows access via OAuth.

  • Protected Resource - the data the user wants to access.

Tokens

OAuth 1.0 uses two tokens to access resources on the resource server:

  • Request Token – contains the Consumer Key and Consumer Secret, and asks the service for authorization.

  • Access Token – grants access to the resource.

Token formats and structures vary based on the service provider's security requirements.

See Also

In this section:
© 2026
Publication date: