OAuth: Open Authorization in Cybersecurity
Like 'oath' with a long O at the start.
OAuth stands for Open Authorization. Open Authorization is a standard that lets users grant third-party applications limited access to their resources without sharing passwords. OAuth 2.0 issues access tokens with defined scopes and lifetimes.
Why this matters in 2026
APT29 (Midnight Blizzard) used a malicious OAuth application with elevated tenant privileges to read Microsoft senior leadership email and source code in 2024. OAuth-app governance is now a discrete IAM-engineering discipline.
Read the related Decipher File →How OAuth Is Used in Cybersecurity
Security engineers design OAuth flows to protect APIs and control third-party data access. Penetration testers exploit misconfigured OAuth scopes, open redirects, and token theft vectors. Architects choose the right OAuth grant type based on application type and trust level.
Read the full glossary entry: OAuth in Cybersecurity
Cybersecurity Roles That Work with OAuth
Related Cybersecurity Acronyms
Frequently Asked Questions
What does OAuth stand for?
OAuth stands for Open Authorization. Open Authorization is a standard that lets users grant third-party applications limited access to their resources without sharing passwords. OAuth 2.0 issues access tokens with defined scopes and lifetimes.
What is OAuth used for in cybersecurity?
Security engineers design OAuth flows to protect APIs and control third-party data access. Penetration testers exploit misconfigured OAuth scopes, open redirects, and token theft vectors. Architects choose the right OAuth grant type based on application type and trust level.
Definitions are original explanations written for career development purposes. For authoritative technical definitions, refer to NIST, ISO, or the relevant standards body.
Get cybersecurity career insights delivered weekly
Join cybersecurity professionals receiving weekly intelligence on threats, job market trends, salary data, and career growth strategies.
Get Cybersecurity Career Intelligence
Weekly insights on threats, job trends, and career growth.
Unsubscribe anytime. More options