What is OAuth 2.0? — UK Software Development Guide

4 min readJune 2025ClickMasters Technical TeamReviewed by James Whitmore, CTO
what is oauth 2.0

Direct Answer

OAuth 2.0 is an authorisation framework that allows applications to obtain limited access to a user's account on another service, without exposing the user's password. It delegates authorisation — "this application can read my Google Drive files" — rather than sharing credentials.

OAUTH in the UK

OAuth 2.0 is the foundation of UK Open Banking (OBIE APIs), NHS Login (OIDC extends OAuth 2.0), and HMRC MTD authentication. Government APIs use the Authorisation Code flow with PKCE (Proof Key for Code Exchange) as the security best practice. GDPR implications: OAuth 2.0 consent is related to but distinct from GDPR consent — granting an OAuth scope does not constitute GDPR consent for processing purposes.

Get Expert Advice on OAUTH

Speak with our UK software development experts about OAUTH. Free consultation, transparent pricing, no obligation.