OAuth 2.0 is a simple authorization framework that permits client applications to access protected resources via an authorization server. With it, a third-party client application can gain limited access to an HTTP service, either on behalf of the resource owner or on its own behalf.
OAuth 2.0 defines four roles:
Resource Owner/User: The owner of a resource, i.e., the individual who holds the rights to that resource.
Client: The application that requests an access token (which represents the user's permission for the client to access their data/resources) and, after receiving it, accesses the protected resource on the resource server.
Authorization Server: After successfully authenticating the resource owner and obtaining authorization, the server issues access tokens to the client.
Resource Server: It provides access to the requested resources. It first validates the access token and then authorizes the request.
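
The four roles interacting, as an added example that is not part of the original page: an in-process model in which the resource owner authenticates to the authorization server, the client receives only a token, and the resource server validates that token before serving data. The class and method names, the `photos:read` scope string, the token lifetime and the collapsing of the grant exchange into a single `authorize` call are assumptions made for illustration.

```python
import secrets
import time

class AuthorizationServer:
    """Authenticates the resource owner, records consent, issues access tokens."""
    def __init__(self, owners):
        self._owners = owners   # constructed sample credentials: name -> password
        self._tokens = {}       # token -> (owner, client_id, scopes, expiry)

    def authorize(self, owner, password, client_id, scopes, ttl=300):
        # Called by the resource owner: authenticate, then approve the client.
        expected = self._owners.get(owner)
        if expected is None or not secrets.compare_digest(expected, password):
            raise PermissionError("resource owner authentication failed")
        token = secrets.token_urlsafe(32)   # opaque, unguessable
        self._tokens[token] = (owner, client_id, frozenset(scopes), time.time() + ttl)
        return token            # delivered to the client, never the password

    def introspect(self, token):
        entry = self._tokens.get(token)
        if entry is None or entry[3] <= time.time():
            return None         # unknown or expired
        return {"owner": entry[0], "client": entry[1], "scopes": entry[2]}

class ResourceServer:
    """Validates the access token first, then authorizes the request."""
    def __init__(self, auth_server, resources):
        self._auth = auth_server
        self._resources = resources   # owner -> protected data

    def get(self, token, owner, scope):
        info = self._auth.introspect(token)
        if info is None:
            return 401, None    # token failed validation
        if info["owner"] != owner or scope not in info["scopes"]:
            return 403, None    # valid token, but not for this resource
        return 200, self._resources[owner]

class Client:
    """Third-party application: holds only the token it was granted."""
    def __init__(self, client_id, resource_server):
        self.client_id, self._rs, self.token = client_id, resource_server, None

    def read_photos(self, owner):
        return self._rs.get(self.token, owner, "photos:read")
```

The 401 and 403 results separate a token that fails validation from a valid token that does not cover the requested resource, which is the "limited access" the framework grants.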