SlideShare is now on Android. 15 million presentations at your fingertips.  Get the app

×
  • Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
 

OAuth 2.0 - Assaf Arkin

by on Aug 01, 2011

  • 2,444 views

Assaf Arkin, Flowtown...

Assaf Arkin, Flowtown

You're building an API and the question comes up, how to let client applications authenticate against it? Giving username/password to 3rd party client applications is a security anti-pattern. You don't want to do that. API keys are better, but confusing for the average user. So we're going to look at solving that with OAuth 2.0.

If you used Facebook Connect to allow a non-Facebook application restricted access to your Facebook account, you've used OAuth 2.0. Let's talk about what OAuth 2.0 is, how it works, and how to add support to your application/API. We'll cover authentication flows for Web apps, mobile, desktop and even command-line tools, and talk about access control patterns that are based, not on users and roles, but client applications and requested access scopes.

This talk will cover rack-oauth2-server, an open source OAuth 2.0 Authorization Server module:

https://github.com/flowtown/rack-oauth2-server

Statistics

Views

Total Views
2,444
Views on SlideShare
2,444
Embed Views
0

Actions

Likes
2
Downloads
67
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via SlideShare as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
Post Comment
Edit your comment

OAuth 2.0 - Assaf Arkin OAuth 2.0 - Assaf Arkin Presentation Transcript