OAuth is an authentication system that connects the third-party developers, the API host sites and the users, and at the time of this writing it is required by many sites to write back to their system. In general it is discouraged for JavaScript on the client side, due to the visibility.
The general exchange works like this: your site will send the user to the API provider site, where the user will be asked to give access to you to use their accounts. This access may be limited, and revoked by them more easily than a password, for example. You are given a "token" with this approval, which is then sent, along with your developer's key and secret key, in your API requests. Beyond this, it works very much like the versions we have employed here!
As you continue to work, please explore the developer's forum! It is a great resource of people like you, working to develop with the Goodreads API.
The link below will bring you to the goodreads overview, which has an example call and response. Thank you and I hope you've enjoyed this tutorial!