Two major flow
- Authorizing a third party
- Giving them the access token
Authorizing a third party
- User logins to tool to access a regular system backup service.
- The tool requires access to Google Drive to store the backup.
- The tool ask Google Drive to take the User to their page login and authenticate the user
- The Google show the list of permission that Backup tool needs.
- The User authorizes the backup tool on Google Drive
- Google Drive grants a authorization token to the tool
- Next time the tool needs to store backup on Google drive it presents the auth token to Google
- Google gives the access token to tol
Reference :
- YouTube – JavaBrains- How OAuth Works1
- YouTube – JavaBrains- How OAuth Works2 (nicely explained)