...

* or OAuth token with equivalent scope

OAuth 2.0

OAuth 2.0 User Authentication

This feature allows a user to sign-in via a third-party service, such as Google, Yahoo or Facebook. The result of the OAuth 2.0 authentication flow is a username and access to whatever user account details are within the authorized scope, such as email address. Fedora is then free to use these user details to create a local user account or assign privileges as required for Fedora authorization. (All that this work flow provides is user authentication.)

...

• Client Application - Fedora
• Authorization Service - Google, etc..
• Resource Server - Fedora

OAuth 2.0 Application Authorization

From the OAuth 2.0 specification:

...