This documentation is for WSO2 Identity Server 5.4.0 . View documentation for the latest release.

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


See here to know how to use 2-legged OAuth with OAuth 1.0 to secure a RESTful service.

OAuth 2.0

OAuth This specification defines OAuth2. OAuth 2.0 defines four roles:

  1. Resource owner: An entity capable of granting access to a protected resource (e.g. end-user).
  2. Resource server: The server hosting the protected resources, capable of accepting and responding to protected resource requests using access tokens.
  3. Client: An application making protected resource requests on behalf of the resource owner and with its authorization.
  4. Authorization server: The server issuing access tokens to the client after successfully authenticating the resource owner and obtaining authorization.