What is OAuth 2.0?

Sid
Mar 13, 2022

OAuth 2.0 is a delegation protocol, not a password-sharing mechanism: it lets someone who controls a resource allow a software application to access that resource on their behalf without impersonating them. It is an authorization framework that gives a consistent pattern for requesting, receiving, and applying authorization policies across resources.

As per the specification that defines it (RFC 6749):

The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain access on its own behalf.

Although OAuth is largely indifferent to what kind of resource it is protecting, it does fit nicely with RESTful web services, and it works well for both web and native client applications.