The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.
A little bit of the History ★ November 2006, Blaine Cook was working on the Twitter OpenID implementation. ★ April 2007, a Google group was created. ★ July 2007, the team drafted an initial specification. ★ December 2007, OAuth Core 1.0 was released.
JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants RFC7523 grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer