Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Web Services
 with OAuth



               Nordaaker
What is OAuth?


• A simple open standard for
 API Authentication
Do we need it? We’ve got OpenID



★   Not a replacement, a complementary API.
★   OAuth is Authorization, Openid is
    A...
A bit more about OAuth

★   Not a new idea - FlickrAuth, Google
    AuthSub, BBAuth, etc.
★   Open Standard - http://oauth...
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Web Services with OAuth
Upcoming SlideShare
Loading in …5
×

Web Services with OAuth

14,832 views

Published on

Basic auth for your web services sucks for several reasons. OAuth is a standard protocol for doing token based auth, similar to how flickr auths their desktop apps. OAuth is also an ideal companion to openid, as it doesn't require a local username/password. In this talk we'll take a closer look at how OAuth is built up, as well as look into how you can easily use OAuth for your own APIs, with examples in Catalyst well as Jifty and pure mod_perl.

  • Be the first to comment

Web Services with OAuth

  1. 1. Web Services with OAuth Nordaaker
  2. 2. What is OAuth? • A simple open standard for API Authentication
  3. 3. Do we need it? We’ve got OpenID ★ Not a replacement, a complementary API. ★ OAuth is Authorization, Openid is Authentication ★ OpenID users don’t have passwords, so can’t ask them for that when they try to access the API ★ OAuth is token based, does not require password
  4. 4. A bit more about OAuth ★ Not a new idea - FlickrAuth, Google AuthSub, BBAuth, etc. ★ Open Standard - http://oauth.net/ ★ Wide industry support ★ AOL, Eye-Fi, Facebook, Garmin, Google, LinkedIn, Ma.gnolia, Microsoft, MySpace, Plaxo, Pownce, Salesforce, Songbird, Veodia, and Yahoo!. and more! ★ Easy to understand ★ Easy to implement

×