From f6a1d15b444304616c88f0258bd167cee6d36334 Mon Sep 17 00:00:00 2001 From: Lavanya Mishra <58620639+chessmadridista@users.noreply.github.com> Date: Thu, 31 Oct 2024 21:14:27 +0530 Subject: [PATCH] GH 1518 update authentication (#1519) * feat: fix grammatical syntax error. * feat: add link for OAuth 2.0 specification. --- cheatsheets/Authentication_Cheat_Sheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cheatsheets/Authentication_Cheat_Sheet.md b/cheatsheets/Authentication_Cheat_Sheet.md index 37a5a5964f..ef9d4ae5ae 100644 --- a/cheatsheets/Authentication_Cheat_Sheet.md +++ b/cheatsheets/Authentication_Cheat_Sheet.md @@ -263,7 +263,7 @@ While authentication through a combination of username, password, and multi-fact Open Authorization (OAuth) is a protocol that allows an application to authenticate against a server as a user, without requiring passwords or any third-party server that acts as an identity provider. It uses a token generated by the server and provides how the authorization flows most occur, so that a client, such as a mobile application, can tell the server what user is using the service. -The recommendation is to use and implement OAuth 1.0a or OAuth 2.0 since the very first version (OAuth1.0) has been found to be vulnerable to session fixation. +The recommendation is to use and implement [OAuth 2.0](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics) since the very first version (OAuth1.0) has been found to be vulnerable to session fixation. OAuth 2.0 relies on HTTPS for security and is currently used and implemented by APIs from companies such as Facebook, Google, Twitter, and Microsoft. OAuth 1.0a is more difficult to use because it requires the use of cryptographic libraries for digital signatures. However, since OAuth 1.0a does not rely on HTTPS for security, it can be more suited for higher-risk transactions.
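Review bot: The link text in the `+` line says "OAuth 2.0" and the commit message says it links the OAuth 2.0 specification, but the URL points at `draft-ietf-oauth-security-topics`, which is the OAuth 2.0 Security Best Current Practice document rather than the core OAuth 2.0 Authorization Framework specification (RFC 6749). Either change the target to the core specification or change the link text to say what the draft actually is, e.g. `[OAuth 2.0](https://datatracker.ietf.org/doc/html/rfc6749) (see also the [OAuth 2.0 Security BCP](https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics))`. Separately, the `-`/`+` pair removes OAuth 1.0a from the recommendation, but the unchanged trailing context still says OAuth 1.0a "can be more suited for higher-risk transactions", so the section now recommends only 2.0 in one sentence and endorses 1.0a two sentences later; the following paragraph should be updated in the same change so the guidance is consistent. Minor: the `+` line keeps the missing space in "(OAuth1.0)".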