Open Authorization (OAuth) is best described as which?

• A. Allows different websites to rely on a trusted third party to authenticate users.
• B. An open standard decentralized protocol for authentication users.
• C. A two-way relationship automatically created between parent and child domains within MS Active Directory.
• D. OpenID?

Answer: (A)

OAuth is an authorization framework that lets a user grant a third-party application access to resources on a server without sharing their password. It relies on a trusted authorization server to issue tokens that the third-party app uses, with the user’s consent. This setup enables different websites to rely on a single identity provider to verify who the user is and what they’re allowed to do, across services. That’s why describing OAuth as allowing sites to depend on a trusted third party to authenticate users best fits how it works in practice. Keep in mind that OAuth handles authorization, not authentication by itself; OpenID Connect adds authentication on top of OAuth. The other options don’t accurately describe OAuth’s purpose or functionality.