Open SourceOAuth: Token-Based Authorization for the Social Networking Age

OAuth: Token-Based Authorization for the Social Networking Age

Developer.com content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

In an age when web users have their social data scattered across different social sites and they want to access and use this data from outside these sites, developers face the serious security challenge of enabling users to access their private data in social sites without having to share their credentials.OAuth is the perfect solution. This open authorization protocol that allows standard and secure API authorization without exposing the user’s credentials. OAuth also provides a mechanism to grant limited access (in scope, duration, and so on).

In his Web Developer’s Virtual Library (WDVL) article, Jaswinder Singh provides an overview of OAuth’s token-based authorization system and explains how this system works between two web sites. At a high level, the elements involved are:

  • User: Social network (Orkut, Facebook, Twitter, iGoogle, etc.) users like you and me
  • OAuth Provider: Web site or social networking site where the user’s private resources are stored
  • OAuth Consumer: Web site, social networking site, mobile device, set-top box, etc. trying to access the protected resource on the other site

 


Read the full story at Web Developer’s Virtual Library:

OAuth: Token-Based Authorization for the Social Networking Age

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends & analysis

Latest Posts

Related Stories