What is OAuth?

OAuth is a way to log in to one app using an account from another — like clicking "Continue with Google" instead of creating a new password.

The hotel keycard analogy

When you check into a hotel, the front desk doesn't give you the master key. They give you a keycard that opens your room and maybe the pool — nothing else. If you lose it, the hotel deactivates it. The master key stays with them.

OAuth works the same way. When you click "Continue with Google," Google doesn't share your password with the app. Instead, it creates a limited credential — like a keycard — that lets the app know who you are (your name and email). The app never sees your Google password, and Google can revoke access anytime.

Why it matters

  • No new password — Users don't need to create and remember another password.
  • Trust — Users trust Google or GitHub more than an app they've never seen before.
  • Less work — The app doesn't have to handle password storage for OAuth users.

How it works (simplified)

  1. User clicks "Continue with Google."
  2. The app redirects the user to Google's login page.
  3. The user signs in with Google and approves the app's request.
  4. Google redirects the user back to the app with a temporary code.
  5. The app exchanges that code for the user's profile info (name, email).
  6. The app creates or finds a matching account and signs the user in.

The app never touches the user's Google password. It only gets what Google agrees to share.
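The six steps above, as an added example that is not part of the original page: a toy in-memory identity provider standing in for Google, and a relying app, exchanging an authorization code entirely in one process. Everything here is constructed (the client id "demo-app", its secret, the redirect URI and the user Alice are invented, and no real provider is contacted). It shows the parts the simplified list glosses over that defenders care about: the app's "state" value ties the callback to the login the app itself started, the code is short-lived and single-use, the code can only be redeemed by the registered app over a back channel with its client secret, and the local account is keyed on the provider's stable user id rather than the email address.

```python
"""Toy OAuth authorization-code flow: an in-memory provider and a relying app.
Constructed example; nothing here talks to a real identity provider."""
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse


class Provider:
    """Stands in for Google's authorization server (hypothetical, in-memory)."""

    def __init__(self, clients):
        self.clients = clients      # client_id -> {"secret", "redirect_uri"}
        self.codes = {}             # one-time authorization codes
        self.tokens = {}            # access_token -> user profile

    def authorize(self, client_id, redirect_uri, state, user):
        """Steps 2-4: the user has signed in and approved; issue a short-lived code."""
        client = self.clients.get(client_id)
        if client is None or client["redirect_uri"] != redirect_uri:
            raise PermissionError("unknown client or redirect_uri mismatch")
        code = secrets.token_urlsafe(32)
        self.codes[code] = {"client_id": client_id, "redirect_uri": redirect_uri,
                            "user": user, "expires": time.time() + 600}
        # Only the code (never the password) travels back to the app via the browser.
        return f"{redirect_uri}?{urlencode({'code': code, 'state': state})}"

    def token(self, client_id, client_secret, code, redirect_uri):
        """Step 5a: back-channel exchange of the code for an access token."""
        client = self.clients.get(client_id)
        if client is None or not secrets.compare_digest(client["secret"], client_secret):
            raise PermissionError("bad client credentials")
        record = self.codes.pop(code, None)          # pop: a code is single-use
        if (record is None or record["expires"] < time.time()
                or record["client_id"] != client_id
                or record["redirect_uri"] != redirect_uri):
            raise PermissionError("invalid, expired or replayed code")
        access_token = secrets.token_urlsafe(32)
        self.tokens[access_token] = record["user"]
        return {"access_token": access_token, "token_type": "Bearer"}

    def userinfo(self, access_token):
        """Step 5b: the limited 'keycard' only reveals what the user approved."""
        user = self.tokens.get(access_token)
        if user is None:
            raise PermissionError("invalid token")
        return {"sub": user["sub"], "name": user["name"], "email": user["email"]}


class App:
    """The relying app: it never sees the user's provider password."""

    def __init__(self, provider, client_id, client_secret, redirect_uri):
        self.provider = provider
        self.client_id, self.client_secret = client_id, client_secret
        self.redirect_uri = redirect_uri
        self.pending_states = set()   # in practice bound to the browser session
        self.accounts = {}            # provider 'sub' -> local account

    def start_login(self):
        """Steps 1-2: build the redirect; 'state' ties the callback to this login."""
        state = secrets.token_urlsafe(16)
        self.pending_states.add(state)
        return {"client_id": self.client_id, "redirect_uri": self.redirect_uri,
                "state": state}

    def finish_login(self, callback_url):
        """Steps 4-6: validate the callback, exchange the code, sign the user in."""
        params = parse_qs(urlparse(callback_url).query)
        state = params.get("state", [None])[0]
        code = params.get("code", [None])[0]
        if state not in self.pending_states or code is None:
            raise PermissionError("state mismatch: callback not started by this app")
        self.pending_states.discard(state)
        tok = self.provider.token(self.client_id, self.client_secret, code, self.redirect_uri)
        profile = self.provider.userinfo(tok["access_token"])
        # Key the local account on the stable 'sub' id, not the (changeable) email.
        return self.accounts.setdefault(profile["sub"],
                                        {"name": profile["name"], "email": profile["email"]})


def build_demo():
    """Wire up one app registered with the provider (constructed values)."""
    provider = Provider({"demo-app": {"secret": "demo-secret",
                                      "redirect_uri": "https://app.example/callback"}})
    app = App(provider, "demo-app", "demo-secret", "https://app.example/callback")
    return provider, app


def run_flow(provider, app, user=None):
    """Drive all six steps; returns (local account, callback URL that was used)."""
    user = user or {"sub": "10001", "name": "Alice", "email": "alice@example.com"}
    req = app.start_login()                                    # steps 1-2
    callback_url = provider.authorize(req["client_id"], req["redirect_uri"],
                                      req["state"], user)      # steps 3-4
    account = app.finish_login(callback_url)                   # steps 5-6
    return account, callback_url


if __name__ == "__main__":
    p, a = build_demo()
    print(run_flow(p, a)[0])
```

Running `run_flow` twice for the same user returns the same local account, while replaying a used callback URL, redeeming a code a second time, or presenting a callback with a state the app never issued all fail with `PermissionError`. A real deployment adds PKCE and token expiry on top of this, but the shape of the exchange is the same.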