“Keeping your customer data secure is one of the most important yet difficult parts of doing business online. OAuth gives you a way to deal with customer logins without housing any of the critical data when authenticating a user. Have you ever seen the “Log in using Facebook” button some online businesses use for handling user authentication? This button “talks” to another website (specifically, the social media site – Facebook in this case), and it’s this third-party application that verifies the user name and password. The open standard used to authenticate users is OAuth. It’s used by most social media outlets that let you authorize users with an API, but you’re still responsible for using third-party data responsibly.
This article gives developers five dos and don’ts as per user data when using OAuth for social media login and access.”
Source: Oracle Fusion Middleware
Thanks to Ehi Kioya