http://theddy.dev/tags/oauth/Recent content in Oauth on Theddy Dev SpaceHugo -- 0.150.0en-usTue, 07 Apr 2026 13:40:25 +0300http://theddy.dev/posts/oauth2/Tue, 07 Apr 2026 13:40:25 +0300http://theddy.dev/posts/oauth2/<h2 id="history">History</h2> <p>Before OAuth 2.0, giving access to third party applications to a requested resource, meant we needed to type our credentials - username and password, which are stored on the 3P side and used as an action which was performed on our behalf.</p> <p>This is a problem, firstly, because they can be used to access all kinds of resources, not a limited scope of them, no revocation was possible, and secondly, third party software stored those in plaintext. If the third-party software was compromised, our data was also at risk.</p>