Difference between OAuth 2.0 Two legged and Three legged implementation

慢半拍i 2021-02-02 07:04

Can you please explain to me the difference between OAuth 2.0 two-legged and three-legged implementations? And how to choose? Which one is for me?

1 answer
  • 2021-02-02 07:38

    First, the legs refer to the roles involved. A typical OAuth flow involves three parties: the end-user (or resource owner), the client (the third-party application), and the server (or authorization server). So a 3-legged flow involves all three.

    The term 2-legged is used to describe an OAuth-authenticated request without the end-user involved. Basically, it is a simple client-server authenticated request in which the client credentials (identifier and secret) are used to calculate a request signature instead of sending the secret in the clear.

    Implementation-wise, 2-legged requests are exactly the same but don't include an access token or access token secret. These two values are basically empty strings.

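An added example, not part of the original answer: the signed request the answer describes, with and without token values, sketched in Python. It assumes OAuth 1.0-style HMAC-SHA1 signing as specified in RFC 5849; the URL, identifiers, secrets and helper names are constructed for illustration.

```python
import base64, hashlib, hmac
from urllib.parse import quote

def enc(s):
    # RFC 5849 percent-encoding: only unreserved characters stay literal
    return quote(s, safe="-._~")

def base_string(method, url, params):
    # Encode and sort the parameters, join them, then encode each part again
    pairs = sorted((enc(k), enc(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), enc(url), enc(normalized)])

def signing_key(client_secret, token_secret=""):
    # The "&" is always present, even when the token secret is empty
    return f"{enc(client_secret)}&{enc(token_secret)}"

def sign(method, url, params, client_secret, token_secret=""):
    key = signing_key(client_secret, token_secret).encode()
    msg = base_string(method, url, params).encode()
    return base64.b64encode(hmac.new(key, msg, hashlib.sha1).digest()).decode()

def verify(method, url, params, signature, client_secret, token_secret=""):
    # Server side: recompute the signature and compare in constant time
    expected = sign(method, url, params, client_secret, token_secret)
    return hmac.compare_digest(expected, signature)

# Constructed sample values (assumptions, not taken from the page)
URL = "https://api.example.com/reports"
CLIENT_SECRET = "client-secret"
COMMON = {
    "oauth_consumer_key": "client-123",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1612249440",
    "oauth_nonce": "n0nce",
    "status": "open",  # ordinary query parameter, signed with the rest
}

# 2-legged: no end-user, so no token and an empty token secret
two_legged_params = dict(COMMON)
two_legged_sig = sign("GET", URL, two_legged_params, CLIENT_SECRET)

# 3-legged: the user-approved token is signed and its secret joins the key
three_legged_params = dict(COMMON, oauth_token="user-token")
three_legged_sig = sign("GET", URL, three_legged_params,
                        CLIENT_SECRET, "token-secret")
```

The only differences between the two calls are the `oauth_token` parameter and the second half of the signing key; the secrets themselves never travel with the request.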