Authorization frameworks and protocols have been developed to enable a third-party application to obtain limited access to a Hyper-Text Transfer Protocol (HTTP) service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf
In one such framework known as OAuth 2.0, an authorization service accepts requests from a client to access resources controlled by the resource owner and hosted by a resource service. The authorization service issues a set of credentials to the client that is different than that of the resource owner in order to allow the client to access the resources without having access to the resource owner credentials. However, OAuth 2.0 is directed to clients that are offered as network services and are, as a result, able to present extensive user interfaces to the resource owner in response to initiation, by the resource owner, of an authorization flow.