It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account.
These tokens are signed by one party's private key, so that both parties are able to verify that the token is legitimate. The tokens are designed to be compact, URL-safe, and usable especially in a web-browser single-sign-on (SSO) context.
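The signing and verification described above, as an added example that is not part of the original page: a compact, URL-safe token in the three-part `header.payload.signature` style, signed with a private key and checked with the matching public key. It assumes Ed25519 and Node's built-in `crypto` module; the function names, key pair and claims are constructed for illustration.

```javascript
// Added illustration: compact, URL-safe token signed with a private key.
const crypto = require('node:crypto');

// base64url uses only A-Z a-z 0-9 - _ so the token is safe in URLs and headers.
const b64u = (v) => Buffer.from(v).toString('base64url');
const fromB64u = (s) => Buffer.from(s, 'base64url').toString('utf8');

// Issuer side: only the holder of the private key can produce the signature.
function signToken(claims, privateKey) {
  const header = b64u(JSON.stringify({ alg: 'EdDSA', typ: 'JWT' }));
  const payload = b64u(JSON.stringify(claims));
  const signingInput = `${header}.${payload}`;
  const sig = crypto.sign(null, Buffer.from(signingInput), privateKey);
  return `${signingInput}.${b64u(sig)}`;
}

// Verifier side: needs only the public key. Returns the claims, or null.
function verifyToken(token, publicKey, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return null;
  const [header, payload, sig] = parts;
  try {
    // Pin the algorithm; the token's own header must not choose the check.
    if (JSON.parse(fromB64u(header)).alg !== 'EdDSA') return null;
    const ok = crypto.verify(null, Buffer.from(`${header}.${payload}`),
                             publicKey, Buffer.from(sig, 'base64url'));
    if (!ok) return null;
    const claims = JSON.parse(fromB64u(payload));
    // Read claims only after the signature checks out; require an unexpired exp.
    if (typeof claims.exp !== 'number' || claims.exp <= nowSec) return null;
    return claims;
  } catch {
    return null; // malformed encoding or JSON
  }
}

// Constructed sample: throwaway key pair and claims.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');
const token = signToken({ sub: 'alice', exp: 2000000000 }, privateKey);

// Swap the payload but keep the original signature: verification must fail.
function tamper(tok) {
  const [h, , s] = tok.split('.');
  return `${h}.${b64u(JSON.stringify({ sub: 'admin', exp: 2000000000 }))}.${s}`;
}
```

A verifier that holds only the public key can accept or reject tokens but cannot mint new ones, which is why the private key stays with the issuing party.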