To store user passwords securely

To allow users to grant access to their information without sharing passwords

To encrypt user data

To manage user accounts

Offline data storage

Server to server apps

Browser based apps

Mobile native apps

The individual owning the data

The API storing the data

The application requesting access

The server issuing tokens

To encrypt data

To manage user accounts

To issue access tokens to clients

To store user data

They are issued by the resource server

They are short-lived and cannot be revoked

They are long-lived and can last for years

They are used to store user passwords

To manage user accounts

To store user passwords

To obtain new access tokens

To encrypt user data

To store user data

To ensure the request is not forged

To encrypt the access token

To manage user accounts