“I’d like to give a site access to my Google contacts, but I don’t want to give them my google username and password.”

OAuth solves this and similar problems.

OAuth allows one website to access a users content from another website without needing their username and password.  In OAuth terminology, the site that wants to get the content is called the consumer, the site that has the content is called the service provider and the content is called protected resources.

A concrete example (taken from the OAuth site) is of a user who wants to use a printing service to print photos they uploaded to a photo sharing site.  The printing service is the consumer, the photo sharing site is the service provider, and the photos are the protected resources.  If both sites support OAuth, the user can give the printing service access to the photos without giving it their username and password to the photo sharing site.

To do this, the user makes a choice on the printing site to access the photos from the photo sharing site.  The printing service generates a request and sends it to the photo sharing site.  The printing service then directs the user to the photo sharing site where the user authenticates themselves and approves the request.  The photo sharing site then provides a token to the printing service which it can can use to authenticate requests for the photos.  To reduce the chances of abuse, the token is typically only honored for a limited period of time.

A more detailed introduction can be found here.