How does OAuth work?

Note I’m specifically asking about how it works, not what it is. Does it use PKI? How? What goes on when someone authenticates?

2 Answers

Anonymous

Instead of requiring you to send your credentials to EVERY system you want to log into, them now having your password and needing to be able to talk to the system that has your credentials stored (usually a dedicated tool for housing user details and roles) to verify that your password is CORRECT, OAuth allows you to only give your credentials to the identity provider, who then returns you a portable token proving that you’ve logged in and containing a list of the things you’re allowed to do.

Instead of sending your password everywhere, you just pass along that token.

Instead of validating your login every time, each system you access can simply check your token and talk to the IDP to grant you access without requiring another login!
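
The flow this answer describes, as an added example that is not part of the original answer: a toy in-memory identity provider issues an opaque token after one login, and each application asks the provider about that token (an introspection-style check) instead of ever handling the password. All class, method and scope names are hypothetical, and the user data is constructed.

```python
import hashlib
import hmac
import secrets
import time


class IdentityProvider:
    """Toy in-memory IdP (hypothetical): the only party that ever sees passwords."""

    def __init__(self, users):
        # users: {name: (password, set_of_scopes)} -- constructed sample data
        self._users = users
        self._tokens = {}  # sha256(token) -> {"sub", "scope", "exp"}

    def login(self, username, password, ttl=300):
        record = self._users.get(username)
        # Constant-time comparison; a real IdP stores salted password hashes.
        if record is None or not hmac.compare_digest(record[0].encode(), password.encode()):
            return None
        token = secrets.token_urlsafe(32)  # opaque, unguessable bearer token
        key = hashlib.sha256(token.encode()).hexdigest()
        self._tokens[key] = {"sub": username, "scope": set(record[1]), "exp": time.time() + ttl}
        return token

    def introspect(self, token):
        """Answer an application's question: is this token valid, and for what?"""
        meta = self._tokens.get(hashlib.sha256(token.encode()).hexdigest())
        if meta is None or meta["exp"] <= time.time():
            return {"active": False}
        return {"active": True, "sub": meta["sub"], "scope": set(meta["scope"])}

    def revoke(self, token):
        self._tokens.pop(hashlib.sha256(token.encode()).hexdigest(), None)


class ResourceServer:
    """An application that never sees the password, only the token."""

    def __init__(self, idp, required_scope):
        self.idp = idp
        self.required_scope = required_scope

    def handle(self, token):
        info = self.idp.introspect(token or "")
        if not info["active"]:
            return 401  # unknown, expired or revoked token
        if self.required_scope not in info["scope"]:
            return 403  # valid login, but not allowed to do this
        return 200
```

Because the token is a bearer credential, anyone holding it gets the same access until it expires or is revoked, which is why the sketch keeps lifetimes short and stores only a hash of each token on the provider side.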