Technical

What is OAuth?

An open authorization standard that lets apps access user data from other services without sharing passwords.

Definition

OAuth (Open Authorization) is an industry-standard protocol that allows a user to grant a third-party application access to their data on another service without sharing their password. The user authorizes the request on the originating service, which issues a scoped access token to the requesting app. OAuth is how most AI agent platforms connect to tools like GitHub, Slack, HubSpot, and Gmail.

Example

When you click 'Connect HubSpot' in Shogo Studio, you're taken to HubSpot's OAuth flow, you approve specific permissions, and HubSpot issues a token. Shogo never sees your HubSpot password — only the scoped token that allows specific API actions.

OAuth vs api-key: What's the difference?

OAuth

An open authorization standard that lets apps access user data from other services without sharing passwords.

api-key

An API key is a static credential with usually full access. OAuth issues scoped, revocable tokens — more secure because you can limit and revoke access without changing your password.

Related terms

MCP (Model Context Protocol)
Anthropic's open standard for connecting AI models to external tools and data sources.
Tool Call
A specific invocation of an external tool by an AI agent during task execution.
Webhook
A mechanism for one system to notify another system in real time when an event occurs.
Back to glossary