Authentication is nothing but the way to gain access to some secure websites, or accessing a webpage or a server that requires credentials such as passwords or tokens. OAuth 2.0 is an industry-standard protocol for authorization and used widely for secure access.
OAuth 2.0 is mainly focused on client-side developers, but also is very useful for different application based uses like the: web applications, desktop applications, mobiles, and also smaller devices using the IoT and its cloud. Generally speaking, the OAuth 2.0 is the framework mainly based on letting you access any services or applications based on HTTP.
A token is a key that is given to the user by a authentication server and the token is used by the user to let the website or any application access his details or user accounts.
The toke can be divided into three fields:
For example, at the time of logging into a website through the facebook account may require some confirmation asking that whether you want to grant permission that the website can access your Facebook user data or not. There are some websites that may require only your simplest credential such as the profile picture. There also may be websites that may require all your details such as birthday, gender, photos, etc.