OAuth 2.0 consists of the following four roles:
Resource Owner: Entity that grants access to a protected resource. It can be a system or a person (end-user) owning the resources.
Resource Server: Server that hosts the protected resources. It accepts and responds to the protected resource requests using the access tokens.
Client: Application that requests and get authorization on behalf of the resource owner to access a protected resource.
Authorization Server: Server that issues access tokens to the client after the successful authentication of the resource owner and obtaining authorization.