Successfully reported this slideshow.
Your SlideShare is downloading. ×
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Upcoming SlideShare
The State of OAuth2
The State of OAuth2
Loading in …3
×

Check these out next

72 of 85 Ad

More Related Content

Slideshows for you (20)

Similar to An Introduction to OAuth 2 (20)

Advertisement

More from Aaron Parecki (18)

Recently uploaded (20)

Advertisement

Editor's Notes

  • It was common to see third party sites asking for your Twitter or Email passwords to log you in. Obviously you should be reluctant to hand over your login information to some other site.
  • Problem is it’s really hard to get the signatures right as a third party, and you have to have a real solid understanding of it if you’re going to implement it on your server.
  • This led to a lot of confusion by developers both on the client and server side.
  • OAuth 2 recognizes the challenges of requiring signatures and nonces, and moves to a model where all data is transferred using the built-in encryption of HTTPS.
  • Many sites are adopting the new OAuth 2 spec.http://windowsteamblog.com/windows_live/b/developer/archive/2011/05/04/announcing-support-for-oauth-2-0.aspxhttp://googlecode.blogspot.com/2011/03/making-auth-easier-oauth-20-for-google.html
  • Make sure to keep the refresh token around
  • Now the Javascript code can read the access token in the fragment and begin making API requests
  • Now the Javascript code can read the access token in the fragment and begin making API requests
  • Now the Javascript code can read the access token in the fragment and begin making API requests

×