
OAuth for Product People

Making it simpler for those of us who want to know what we get out of supporting it.

Summary

  • Product integrations can increase revenue, increase adoption and satisfaction, and decrease churn.

  • OAuth is a secure way for a user to give an app access to operate on the user’s behalf in another platform.

  • OAuth impacts your product differently depending on whether you’re acting as the OAuth server (your platform grants access) or the OAuth client (your app wants to interact with another platform).

Why should you care?

In today’s world of software, users expect their software to work seamlessly with the other tools they already use. The more tools your product can connect to, the more valuable it becomes. These integrations can be monetized or used purely as a method to deeply enrich the user experience.

OAuth helps you support these integrations without asking your users to share passwords with other services, which is insecure and adds extra steps for them. Your engineers will also be happier because your product can track which permissions have been granted and monitor how they are being used, which comes in handy if issues pop up.

What is OAuth (without the jargon)?

You may see all these words flying around like “resource owner” and “authorization server.” We’re trying to make this easier to understand, so the basic idea is this:

Let’s say your product has a bunch of valuable user data, for example the user’s personal calendar. Other apps may want to access the user’s calendar to read events, create invitations, etc.

We say that your product would be the server because your platform is granting access to other apps.

And we say that those other apps are clients because they are requesting access from your platform on behalf of your users.

To keep things simple, we’re taking liberties by glossing over the auth provider (e.g. PropelAuth or Auth0). For many software companies, the auth provider is an external stakeholder that the engineering team actually depends on to implement OAuth. This is why you may see other terminology that tries to differentiate who owns the data from who does the work of authenticating the client app.

OAuth server vs. client product outcomes

Let’s start by acknowledging that your product can use both an OAuth server and OAuth clients.

Client use cases

User: “I want you to take my data and put it into this other app.” → you’re the client

User: “I want you to access my data from this other app.” → you’re the client

For products that have their own site or UI, we usually see this need arise for onboarding users quickly, by importing their data from other apps.

Another common use case is when there is a system-of-record that the user persona often accesses. For example, most lead generation apps will likely look to push leads into the user’s CRM.

Some products are made to live inside another platform. For example, Shopify apps are often their own full-fledged products that exist entirely on top of Shopify.

Server use cases

User: “I want this other app to access my data within your product.” → you’re the server

User: “I want this other app to use your API on my behalf.” → you’re the server

Having customers actively using your product is a strong sign that it provides real value. If you are in this awesome position, you may want to consider supporting an OAuth server on top of your product for many reasons.

By having an OAuth server, you can:

  1. Let your users build apps for themselves.

  2. Let other businesses leverage your product to build additional features and extensions for your users.

  3. Let AI agents operate on behalf of your users in a restricted, safe manner.

OAuth is the foundation of any robust developer ecosystem. What we’ve seen is that businesses that support self-serve, third-party extensions are able to increase their pricing, support more features with the same number of employees, and even create new markets for other businesses to target.

This is why the biggest companies in the world (e.g. Apple, Salesforce, Shopify) have formed developer ecosystems around their products.

Wrap-up

OAuth is a secure way to achieve different kinds of product integrations. Client use cases are distinct from server use cases, but both can be found in many apps and products you use today.

If you have questions or are interested in more information, please feel free to contact us at [email protected].