Reputation: 59
oAuth 2.0 users vs clients?
I am implementing https://github.com/bshaffer/oauth2-server-php which is a library for PHP with oAuth 2.0. My question however is as part of the installation their are two tables that are confusing me. One is user_table and the other is client_table. The way it works though is it uses the credentials from the client table to generate a key. So what im wondering is what's the purpose of the user_table?
I already have an existing table for my users and I wanted to authenticate using the username and passwords in there so I was wondering how I go about doing that. Thanks for any help and I am just trying to wrap my head around the purpose of the user table especially since I don't see any use of it on the github example.
Upvotes: 3
Views: 2669
Answers (1)
Reputation: 14212
That seems to be a framework for building an "OAuth2 Authorization Server". Assuming your app has "resources" that need protection (via an API), users of your app are the "Resource Owners". "Clients" on the other hand, are "clients of your API" (often 3rd party apps), that your users would want to give access to.
OAuth is in essence a resource access delegation system: user X from your app, gives app Y access (through an API) to resource Z managed in your app and owned by X.
If all you want is to authenticate external users to your app, that is: outsourcing authentication to someone else (e.g. LinkedIN, Twitter, etc), you are probably looking at the wrong fwk.
Upvotes: 10
Related Questions
- OAuth 2.0 PHP Client and Server Example
- OAuth 2.0 Server for PHP
- OAuth2: What exactly is the "client"
- OAuth 2.0 for API server and mobile application
- Understanding Client in OAuth2
- Should I setup an OAuth2 Server?
- OAuth client credentials concept
- OAuth2 Clients and Grants
- OAuth client authentication for public clients
- OAuth 2.0 definition of clients