RFC 6749 — The OAuth 2.0 Authorization Framework by node

The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, on behalf of a resource owner or on its own behalf, without the application handling the resource owner's credentials.