# What is OAuth2?

OAuth 2.0 is the industry-standard protocol for authorization. OAuth 2.0 focuses on client developer simplicity while providing specific authorization flows for applications.

## OAuth Roles

OAuth defines four roles:

* **Resource Owner**: The resource owner is the *user* who authorizes an *application* to access their account. The application’s access to the user’s account is limited to the scope of the authorization granted (e.g. read or write access).
* **Client**: The client is the *application* that wants to access the *user*’s account. Before it may do so, it must be authorized by the user, and the authorization must be validated by the API.
* **Resource Server**: The resource server hosts the protected user accounts.
* **Authorization Server**: The authorization server verifies the identity of the *user* then issues access tokens to the *application*.

## Implementation at Matrica

We have implemented some of the OAuth 2.1 specifications (see [oauth.net/2.1](https://oauth.net/2.1/)) to make the flow more secure:

* PKCE is required for all OAuth clients using the authorization code flow
* Redirect URIs must be compared using exact string matching
* The Implicit grant (`response_type=token`) is omitted from this specification
* The Resource Owner Password Credentials grant is omitted from this specification
* Bearer token usage omits the use of bearer tokens in the query string of URIs

We will implement the newest standard once it comes out of draft.
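Three of the requirements listed above (PKCE, exact redirect URI matching, no bearer tokens in query strings) sketched as server-side checks in Python. This is an added example, not Matrica's own code: the function names and the sample URIs are assumptions, and the PKCE check assumes the `S256` challenge method from RFC 7636.

```python
import base64
import hashlib
import hmac
import re
import secrets
from urllib.parse import urlsplit, parse_qs

# RFC 7636 section 4.1: 43-128 characters from the unreserved set.
_VERIFIER_RE = re.compile(r"[A-Za-z0-9\-._~]{43,128}")

def s256_challenge(code_verifier: str) -> str:
    """BASE64URL(SHA256(verifier)) without '=' padding (RFC 7636 section 4.2)."""
    digest = hashlib.sha256(code_verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")

def new_pkce_pair() -> tuple[str, str]:
    """Client side: random verifier plus the challenge sent in the authorization request."""
    verifier = secrets.token_urlsafe(32)  # 32 random bytes -> 43 characters
    return verifier, s256_challenge(verifier)

def verify_pkce(code_verifier: str, stored_challenge: str) -> bool:
    """Token endpoint: the verifier must hash to the challenge stored with the code."""
    if not _VERIFIER_RE.fullmatch(code_verifier or ""):
        return False
    return hmac.compare_digest(s256_challenge(code_verifier), stored_challenge)

def redirect_uri_allowed(requested: str, registered: set[str]) -> bool:
    """Exact string comparison: no prefix, wildcard, case folding or normalisation."""
    return requested in registered

def has_query_bearer_token(url: str) -> bool:
    """Resource server: flag requests carrying an access token in the query string."""
    return "access_token" in parse_qs(urlsplit(url).query, keep_blank_values=True)

if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    registered = {"https://app.example/callback"}
    verifier, challenge = new_pkce_pair()
    print(verify_pkce(verifier, challenge))                               # matching pair
    print(redirect_uri_allowed("https://app.example/callback", registered))
    print(redirect_uri_allowed("https://app.example/callback/", registered))  # trailing slash
    print(has_query_bearer_token("https://api.example/me?access_token=abc"))
```
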


