OAuth is an authentication standard which is widely used to grant permission to access websites and APIs without having to share a user’s password directly.

For the purposes of Moa, OAuth is used by Mastodon (and Mastodon-compatible systems like Pleroma), Twitter, and Instagram. Moa requests access to your accounts on those services on your behalf. OAuth tokens are stored in the Moa database, and you can revoke them at any time.

The OAuth 2.0 standard IETF RFC6749 replaced the 1.0 version in October 2012.

The oauth.net site has excellent background info, including the introduction and history page.


Notes mentioning this note