OAuth 2.0
Why OAuth is Needed
[Diagram: a Consumer, the Banks on which the consumer has accounts, and a Financial Aggregator that maintains the summary of balance of all the three bank accounts]
Problem Statement
• The Aggregator (Mint.com) needs limited
  information from the bank accounts.
• The simple but inefficient (and possibly dangerous)
  way would be for Mint.com to store the
  consumer’s username & password for all three
  bank accounts.
• But this gives Mint.com more information than
  the user may want to give. Mint.com doesn’t
  need all account transactions just to maintain the
  account balances.
OAuth 2.0 CallFlow

1. Registers as an application to BOFA (passes Client Redirect URL).
2. BOFA accepts Mint as Authorized Application Provider (sends back ClientID, Client_Secret).
3. Tries accessing Mint.com for BOFA data.
4. Mint.com does not have an access_token to get BOFA information for the user. It passes on the auth_url, redirect_url and client_id.
5. A popup is opened which points to the auth_url, i.e. the BOFA site.
6. Sends back RedirectURL with authorization_code. The RedirectURL is the same as supplied in Step 1 by Mint.com.
7. Passes back the authorization code to Mint.com via the Redirect URL.
8. Calls the BOFA APIs with ClientID, ClientSecret and the authorization code received in Step 7.
9. Generates an access_token for Consumer’s account access. Mint.com can simply use this access_token for future access of Consumer’s account data until the token expires.

* All transactions happen over SSL.
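The checks the bank's side has to make in steps 6, 8 and 9, as an added example that is not part of the original slides: a toy in-memory authorization server in Python. The class `Bank`, its method names, the `mint.example` URL, the one-hour token lifetime and the sample balance are assumptions made for illustration.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

class Bank:
    """Toy in-memory authorization server (hypothetical; stands in for BOFA)."""
    TOKEN_TTL = 3600  # seconds; assumed lifetime, the slides give none

    def __init__(self):
        self.clients = {}   # client_id -> (client_secret, redirect_url)
        self.codes = {}     # authorization code -> (client_id, user)
        self.tokens = {}    # access_token -> (user, expires_at)
        self.balances = {"alice": 1250}  # constructed sample data

    def register(self, redirect_url):                      # steps 1-2
        client_id, client_secret = secrets.token_hex(8), secrets.token_urlsafe(32)
        self.clients[client_id] = (client_secret, redirect_url)
        return client_id, client_secret

    def authorize(self, client_id, redirect_url, user):    # steps 5-6
        # Exact match with the URL registered in step 1: the code goes nowhere else.
        if client_id not in self.clients or self.clients[client_id][1] != redirect_url:
            raise PermissionError("unknown client or redirect_url mismatch")
        code = secrets.token_urlsafe(16)
        self.codes[code] = (client_id, user)
        return redirect_url + "?" + urlencode({"code": code})  # RFC 6749 name: code

    def token(self, client_id, client_secret, code, now):  # steps 8-9
        secret = self.clients.get(client_id, (None, None))[0]
        if secret is None or not hmac.compare_digest(secret, client_secret):
            raise PermissionError("bad client credentials")
        issued_to, user = self.codes.pop(code, (None, None))  # single use
        if issued_to != client_id:
            raise PermissionError("invalid authorization code")
        access_token = secrets.token_urlsafe(32)
        self.tokens[access_token] = (user, now + self.TOKEN_TTL)
        return access_token

    def balance(self, access_token, now):
        user, expires_at = self.tokens.get(access_token, (None, 0))
        if user is None or now >= expires_at:
            raise PermissionError("invalid or expired access_token")
        return self.balances[user]  # balance only, never the transactions

def run_flow(bank, redirect_url="https://mint.example/callback", user="alice", now=0):
    client_id, client_secret = bank.register(redirect_url)
    redirect = bank.authorize(client_id, redirect_url, user)
    code = parse_qs(urlparse(redirect).query)["code"][0]    # step 7
    return bank.balance(bank.token(client_id, client_secret, code, now), now)
```

The aggregator never sees the consumer's bank password at any point, and the token it ends up with reads a balance and nothing else.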
