Everything OAuth

Bruno PedroFollow

Nov. 12, 2010•0 likes•3,585 views

Everything OAuth

Nov. 12, 2010•0 likes•3,585 views

Download to read offline

Technology

Self Improvement

A presentation given at Codebits 2010 about everything related to OAuth. I didn't go into any deep technical details as I tried to cover most OAuth related topics.

Bruno PedroFollow

Viewers also liked

Native Cross-Platform-Apps mit Titanium Mobile und AlloyMayflower GmbH2.9K views•68 slides

Test-Driven JavaScript Development IPCMayflower GmbH1.3K views•35 slides

Mongo DB - Segen oder FluchMayflower GmbH1.3K views•31 slides

Api Design & The Paris SubwayBruno Pedro2.3K views•33 slides

Activity Streams And ContextsBruno Pedro942 views•15 slides

Maintainable consumersBruno Pedro1.3K views•19 slides

Viewers also liked(20)

Native Cross-Platform-Apps mit Titanium Mobile und Alloy

Mayflower GmbH•2.9K views

Test-Driven JavaScript Development IPC

Mayflower GmbH•1.3K views

Mongo DB - Segen oder Fluch

Mayflower GmbH•1.3K views

Api Design & The Paris Subway

Bruno Pedro•2.3K views

Activity Streams And Contexts

Bruno Pedro•942 views

Maintainable consumers

Bruno Pedro•1.3K views

Shoeism - Frau im Glück

Mayflower GmbH•2.4K views

Autenticação e Autorização (in portuguese)

Bruno Pedro•900 views

Plugging holes — javascript memory leak debugging

Mayflower GmbH•3.5K views

Who's using your API?

Bruno Pedro•4.5K views

Salt and pepper — native code in the browser Browser using Google native Client

Mayflower GmbH•2.5K views

APIs Love to Chat

Bruno Pedro•909 views

How to Automate API Discovery

Bruno Pedro•7.3K views

The importance of /me

Bruno Pedro•1.6K views

Is OAuth Really Secure?

Bruno Pedro•3.3K views

Information Retrieval Challenges

Bruno Pedro•4.1K views

API Code Generation

Bruno Pedro•9.3K views

Why and what is go

Mayflower GmbH•1.2K views

Piwik anpassen und skalieren

Mayflower GmbH•1.7K views

Asynchronous Microservices in nodejs

Bruno Pedro•8.2K views

Recently uploaded

Product Listing Presentation_Cathy.pptxCatarinaTorrenuevaMa75 views•41 slides

Improving Employee Experiences on Cisco RoomOS Devices, Webex, and Microsoft ...ThousandEyes81 views•25 slides

Announcing InfluxDB ClusteredInfluxData64 views•30 slides

Navigating the FutureOnBoard32 views•48 slides

Scaling out with WordPressKonstantin Kovshenin57 views•55 slides

Understanding Wireguard, TLS and Workload IdentityChristian Posta173 views•51 slides

Recently uploaded(20)

Product Listing Presentation_Cathy.pptx

CatarinaTorrenuevaMa•75 views

Improving Employee Experiences on Cisco RoomOS Devices, Webex, and Microsoft ...

ThousandEyes•81 views

Announcing InfluxDB Clustered

InfluxData•64 views

Navigating the Future

OnBoard•32 views

Scaling out with WordPress

Konstantin Kovshenin•57 views

Understanding Wireguard, TLS and Workload Identity

Christian Posta•173 views

Google cloud Study Jam 2023.pptx

GDSCNiT•311 views

Getting your enterprise ready for Microsoft 365 Copilot

Vignesh Ganesan I Microsoft MVP•146 views

Nymity Framework: Privacy & Data Protection Update in 7 States

TrustArc•153 views

Future of Skills

Alison B. Lowndes•64 views

Experts Live Europe 2023 - Ensure your compliance in Microsoft Teams with Mic...

Jasper Oosterveld•77 views

Webinar: Discover the Power of SpiraTeam - A Jira Alternative To Revolutioniz...

Inflectra•40 views

Privacy in the era of quantum computers

Speck&Tech•77 views

UiPath Tips and Techniques for Error Handling - Session 2

DianaGray10•31 views

How resolve Gem dependencies in your code?

Hiroshi SHIBATA•98 views

Common WordPress APIs - Options API

Jonathan Bossenger•28 views

The Ultimate Administrator’s Guide to HCL Nomad Web

panagenda•63 views

ISO Survey 2022: ISO 27001 certificates (ISMS)

Andrey Prozorov, CISM, CIPP/E, CDPSE. LA 27001•108 views

Elevate Your Enterprise with FME 23.1

Safe Software•361 views

web test repair.pptx

YuanzhangLin•40 views

Editor's Notes

Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Blaine Cook from twitter, Chris Messina, David Recordon,Larry Halff from magnolia and others
RFC only published in April 2010
Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Authorization - used most of the time Authentication - 2 legged OAuth, &#x201C;sign in with twitter&#x201D;, no to be confused with OpenID Built as an Open Protocol on top of already existing solutions (Amazon,Yahoo)
Example from twitter connections settings
Example from facebook where you can revoke apps and also individual permissions
Example from facebook where you can revoke apps and also individual permissions
Let&#x2019;s see an example (next slide)
OOB = Out of Band aka PIN OAuth
Consumer sends along info about service provider and asks to verify credentials
OAuthpocalypse happened on August 31st 2010
Prevents man-in-the-middle attack
SAML: Security Assertion Markup Language

Everything OAuth

Everything OAuth

Recommended

More Related Content

Viewers also liked

Viewers also liked(20)

More from Bruno Pedro

More from Bruno Pedro(13)

Recently uploaded

Recently uploaded(20)

Editor's Notes