• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Openid & Oauth: An Introduction
 

Openid & Oauth: An Introduction

on

  • 14,066 views

Open Standards for Authentication and Authorization (An introduction).

Open Standards for Authentication and Authorization (An introduction).

This presentation was originally given for about 80 developers at an internal tech day.

Statistics

Views

Total Views
14,066
Views on SlideShare
13,932
Embed Views
134

Actions

Likes
10
Downloads
255
Comments
2

7 Embeds 134

http://redmonk.net 50
https://intranet.optaros.com 38
http://www.slideshare.net 33
http://localhost 5
http://pierrebsas.blogspot.com 4
http://www.monkinetic.com 3
http://monkinetic.com 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

CC Attribution-NonCommercial-NoDerivs LicenseCC Attribution-NonCommercial-NoDerivs LicenseCC Attribution-NonCommercial-NoDerivs License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel

12 of 2 previous next

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Openid & Oauth: An Introduction Openid & Oauth: An Introduction Presentation Transcript

  • OpenID & Oauth Open Standards for Authentication and Authorization (An introduction)
  • The Open Web
    • Unencumbered, Cross-Platform Standards
    • Open Source / Free Software Implementations
    • No Single-Vendor "Lock-In”
    • Distributed Extensibility
    http://developer.mozilla.org/presentations/sxsw2007/the_open_web/
  • OpenID is…
    • Lightweight
    • Distributed
    • User-Centric (not Site-Centric)
  • OpenID is also…
    • Built on web standards
    • DNS/HTTP/SSL
    • Diffie-Hellman (PKI)
  • History
    • 2005: Developed by Brad Fitzpatrick, Creator of LiveJournal
    • 2006: Delegation, XRI support, extensions: OpenID 2.0
    • 2007: OpenID Foundation
    • 2008: More than 13,000 Consuming Sites
    http://en.wikipedia.org/wiki/OpenID#History
  • OpenID In The Wild
  • A Solution For…
    • Maintaining Usernames
    • Password Overload (insecurity)
    • Site-centric Identity
  • Basics
    • An OpenID is a URL
      • http://redmonk.net
    • Provider
      • http://myopenid.com
    • Relying Parties
    • Delegation
      • http://redmonk.myopenid.com
  • The Dance (Conversation)
  • DEMO
    • LiveJournal User
    • Ma.gnolia
    • One-Time Authentication
    • Persistent Authentication
  • The “Open” in OpenID
    • Delegation support is required
    • <link rel=“openid.delegate” />
    • Multiple accounts, multiple Providers
    • No Lock-in
  • Q & A
  • Oauth is…
    • “ OAuth is like a valet key for all your web services .  A valet key lets you give a valet the ability to park your car, but not the ability to get into the trunk or drive more than 2 miles or redline the RPMs on your high end German automobile.  In the same way, an OAuth key lets you give a web agent the ability to check your web mail but NOT the ability to pretend to be you and send mail to everybody in your address book.”
    • http://journals.aol.com/panzerjohn/abstractioneer/entries/2007/09/21/oauth-your-valet-key-for-the-web/1550
  • Authentication
    • Similar to:
    • AuthSub (Google)
    • BBAuth (Yahoo)
    • Flickr Auth
    • OpenAuth (AOL)
  • API Level
    • Application To Application
    • “ Agency”
  • Basics
    • User
    • Service Provider
    • Consumer
    • Protected Resources
    • Tokens
    http://oauth.net/documentation/getting-started
  • The Dance (Conversation)
    • (Developed from: http:// oauth.net/core/diagram.png )
  • Who’s Supporting Oauth?
    • Google
    • FireEagle (Yahoo)
    • Ma.gnolia
    • Amazon
    • Flickr
    • Digg
    • And more…
  • Q & A
  • Sources
    • http://www.slideshare.net/daveman692/open-id-overview-seoul-july-2007
    • http://en.wikipedia.org/wiki/Diffie-Hellman_key_exchange
    • http://en.wikipedia.org/wiki/OpenID#History
    • http://wiki.openid.net/
    • http://openid.net
    • http://oauth.net
    • http://journals.aol.com/panzerjohn/abstractioneer/entries/2007/09/21/oauth-your-valet-key-for-the-web/1550
    • http://oauth.net/core/diagram.png
    • http://www.slideshare.net/leahculver/oauth-open-api-authentication
    • http://www.slideshare.net/daveman692/open-platforms-in-web-20
  • Your Host
    • Steve Ivy
    • [email_address]
    • Open Standards, Open Source Agitator
    • http://redmonk.net/
  •