Definition
OAuth (now at version 2.0) is an open standard that lets a user grant a third-party application limited access to their account without handing over a password. Instead of storing your Google password, an app stores an access token and (usually) a refresh token. Tokens are scoped - "read your calendar" is a different scope from "send email as you" - and can be revoked independently at any time.
OAuth has three main actors: the resource owner (you), the resource server (Google, Stripe, etc.), and the client (the app wanting access). The user is redirected to the resource server to consent, the resource server sends the client an authorization code, and the client exchanges that code for a token. Tokens live in the client app and must be protected like passwords.
How SheetLinkWP relates to OAuth
SheetLink Forms deliberately avoids storing OAuth tokens for your Google account. Instead, each customer deploys an Apps Script web app inside their own Google account, and that script runs as them - with no token ever leaving your Google tenant. This eliminates an entire class of breach risk, simplifies GDPR data-processor relationships, and removes token-refresh maintenance. For CRM fan-out destinations like HubSpot and Salesforce, SheetLink does use OAuth where required by the destination vendor, and tokens are encrypted at rest.