/

What is OAuth2.0

What is OAuth2.0

Owned by Ajay Sharma

Last updated: Jun 27, 2023 by Gurmukh Singh

Why is it being used in Eshopbox?

User Authentication

Audience :

Users, backend and Frontend Developers.

Reading Material :

Link	Level

Link	Level
Basic Guide	Beginner
Access Token Generate	Intermediate
Best practices	Expert

Dos and Don’ts

Dos

The signing key should be treated like any other credentials and revealed only to services that need it.
Give tokens an expiration.
Add generated access Token in Cache.

Don’ts

Do not add sensitive data to the payload.
Do not send tokens over non-HTTPS connections as those requests can be intercepted and tokens compromised.
Do not call generate access Token Api on each each Request.

engineering_principles

Related content

Authentication

Apps and Automations

More like this

Authorization Layer Implementation.

Authorization Layer Implementation.

Software Development

More like this

Configure Auth

Apps and Automations

More like this

Get Access Token

Get Access Token

Apps and Automations

More like this

Authorization Code Flow

Authorization Code Flow

Apps and Automations

More like this

App Overview

Apps and Automations

More like this