OAuth 2.0 is a protocol that validates users against a remote server. This means that Thinfinity Remote Desktop Server doesn't validate the user internally, using a username and password. The user authentication is relayed to the OAuth 2.0 server. Once the OAuth 2.0 server validates the user, it returns a validation code to Thinfinity Remote Desktop Server. This code will allow Thinfinity Remote Desktop Server to access a token. This token provides access to user information —such as the user email— in the OAuth 2.0 authentication server. Thinfinity Remote Desktop Server uses this token to request this information. Although not specified by the OAuth 2.0 normative, the Profile information server usually returns a JSON object. This JSON object includes values that can be used in Thinfinity Remote Desktop Server to validate the user. These values are mapped to Windows users, so that the corresponding Thinfinity Remote Desktop Server permissions are applied.