0
OAuthSimone Tripodi - Asemantics S.r.l.   stripodi@asemantics.com
What’s OAuth?• An Open Protocol to allow secure API    authorization in a simple and standard    method for mobile, deskto...
Hypothetical Scenarios“Import pictures from Picasa “Allow Dailymotion read into Virgilio Photo Album”    Virgilio’s User d...
Authorization flow
B2B shared information• Consumer Key: a value used by the  Consumer to identify itself to the Service  Provider;• Consumer...
OpenID & OAuth• OpenID: helps determine who you are -  AUTHENTICATION;• OAuth: defines how to give access to  protected dat...
OpenID & OAuth:     Example integration
OAuth is  Production Ready!!!• Google• Yahoo!• MySpace• Digg• Twitter• Magnolia• Plaxo  ... and much more!
OAuth community• Leaded by Brian Cook & Chris Messina;• Active Google-group:  http://groups.google.com/group/oauth/• Blog:...
Where are we?here
Upcoming SlideShare
Loading in...5
×

OAuth 1.0

777

Published on

An OAuth 1.0 presentation I gave to an Italian TLC Telco, before OAuth consortium joined IETF.
Shows also some differences and combinations with OpenID

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
777
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "OAuth 1.0"

  1. 1. OAuthSimone Tripodi - Asemantics S.r.l. stripodi@asemantics.com
  2. 2. What’s OAuth?• An Open Protocol to allow secure API authorization in a simple and standard method for mobile, desktop and web application;• a protocol for developing password less APIs;• a way for an application to interact with an API on a user’s behalf without knowing the user’s authentication credentials.
  3. 3. Hypothetical Scenarios“Import pictures from Picasa “Allow Dailymotion read into Virgilio Photo Album” Virgilio’s User data” End User End User Service Consumer Service Provider Consumer Provider
  4. 4. Authorization flow
  5. 5. B2B shared information• Consumer Key: a value used by the Consumer to identify itself to the Service Provider;• Consumer Secret: a secret used by the Consumer to establish ownership of the Consumer Key;• The Consumer establishes a Consumer Key and a Consumer Secret with the Service Provider to be authenticated; the Consumer needs to be registered!
  6. 6. OpenID & OAuth• OpenID: helps determine who you are - AUTHENTICATION;• OAuth: defines how to give access to protected data - AUTHORIZATION;• They are complementary; a site that supports OAuth could also support OpenID for authentication!!!
  7. 7. OpenID & OAuth: Example integration
  8. 8. OAuth is Production Ready!!!• Google• Yahoo!• MySpace• Digg• Twitter• Magnolia• Plaxo ... and much more!
  9. 9. OAuth community• Leaded by Brian Cook & Chris Messina;• Active Google-group: http://groups.google.com/group/oauth/• Blog: http://blog.oauth.net/• Many available implementations from OS communities: Java - C# - JavaScript - Perl - PHP ...
  10. 10. Where are we?here
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×