OAuth 2.0 Introduction

OAuth 2.0 is an open authorization protocol which enables applications to access each others data. For instance, a game application can access a users data in the Facebook application, or a location based application can access the user data of the Foursquare application etc.
Here is a diagram illustrating the concept:
Example of how OAuth 2.0 is used to share data via applications.
Example of how OAuth 2.0 is used to share data via applications.
The user accesses the game web application. The game web application asks the user to login to the game via Facebook. The user logs into Facebook, and is sent back to the game. The game can now access the users data in Facebook, and call functions in Facebook on behalf of the user (e.g. posting status updates).

OAuth 2.0 Use Cases

OAuth 2.0 can be used either to create an application that can read user data from another application (e.g. the game in the diagram above), or an application that enables other applications to access its user data (e.g. Facebook in the example above).
OAuth 2.0 is a replacement for OAuth 1.0, which was more complicated. OAuth 1.0 involved certificates etc. OAuth 2.0 is more simple. It requires no certificates at all, just SSL / TLS.

OAuth 2.0 Specification

The purpose of this tutorial is to provide an overview of the OAuth 2.0 protocol that is easy to understand. It is not the purpose to describe every detail of the specification, though.
If you plan to implement OAuth 2.0 you will most likely need to visit the specification to study it in full detail. You can find the specification here:
http://tools.ietf.org/html/draft-ietf-oauth-v2-23

No comments:

Post a Comment

Genuine websites to earn money.

If you are interested in PTC sites then this article is for you. I have personally tried many of the sites and found that the best thing ...