3rd-Party Authn/Authz
A brief overview of the popular 3rd-party authentication and authorization methods and implementations used in web apps.

Transcript

  • 1. 3rd-Party Authn/Authz
    • OpenID
    • OAuth
      • Twitter
      • Facebook
  • 4.
    • Centralized authentication
    • Single identity throughout the Internet
    • Returns: identifier (and optional data)
  • 7. Generic OpenID
    • User enters a URL
    • Consumer “discovers” based on the URL
    • Redirects to provider
    • User authenticates with provider
    • Redirects to consumer
    Lots of hashy stuff going on here. Discovery varies V1 to V2.
  • 12.
    • “Federated Login for Google Account Users”
    • OpenID V2 + AX
    • Single discovery URL for everybody
  • 15.
    • Users allow Site to perform actions on their behalf via Service, without Site needing their password to Service
    • Returns: identifier and access token
  • 17. Generic OAuth
    • Site gets request token from Service
    • Redirects User to Service
    • User authenticates and authorizes
    • Redirects to Site
    • Site gets access token from Service
    All implementations are service-specific. Hashy stuff varies V1 to V2.
  • 22.
    • OAuth 1.0
    • Has both authentication and authorization endpoints
    • Access levels: read, read/write, read/write/private.
  • 25.
    • OAuth 2.0
    • Very fine-grained permissions
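
For the OAuth 1.0 variant, the "hashy stuff" in the first step of the Generic OAuth slide (Site gets request token from Service) is an HMAC-SHA1 signature over the request, as defined in RFC 5849. The following is an added example, not part of the original slides, showing how Site signs that request and how Service verifies it. The URL, keys and secrets are constructed, the endpoint URL is assumed to carry no query string, and timestamp/nonce replay checks are left out.

```python
import base64, hashlib, hmac
from urllib.parse import quote

def pct(s):
    # RFC 5849 percent-encoding: only unreserved characters stay as-is
    return quote(str(s), safe="-._~")

def base_string(method, url, params):
    # Encode each pair, sort, join, then encode the joined string again
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])

def sign(method, url, params, consumer_secret, token_secret=""):
    # Key: consumer secret, "&", token secret (empty until a token exists)
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    mac = hmac.new(key, base_string(method, url, params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def verify(method, url, params, consumer_secret, token_secret=""):
    # Service side: recompute over every parameter except the signature
    unsigned = {k: v for k, v in params.items() if k != "oauth_signature"}
    expected = sign(method, url, unsigned, consumer_secret, token_secret)
    received = str(params.get("oauth_signature", ""))
    return hmac.compare_digest(expected.encode(), received.encode())

# Constructed sample values, not taken from the slides
URL = "https://service.example/oauth/request_token"
SECRET = "constructed-consumer-secret"
REQUEST = {
    "oauth_consumer_key": "site-key",
    "oauth_nonce": "n0nce123",
    "oauth_signature_method": "HMAC-SHA1",
    "oauth_timestamp": "1300000000",
    "oauth_callback": "https://site.example/cb?x=1",
}

def signed_request():
    req = dict(REQUEST)
    req["oauth_signature"] = sign("POST", URL, req, SECRET)
    return req

if __name__ == "__main__":
    req = signed_request()
    print("valid:", verify("POST", URL, req, SECRET))
    req["oauth_callback"] = "https://other.example/cb"
    print("after callback change:", verify("POST", URL, req, SECRET))
```

Because `oauth_callback` is part of the signed parameters, a callback altered in transit fails verification at Service.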