
Wherefore Art Thou, OAuth?



  1. Wherefore Art Thou, OAuth?

  2. What is OAuth?
     - Your Valet Key for the Web
     - Delegated Authentication Protocol
     - Yet Another Community-driven Protocol

  3. Use Case Zero + ?

  4. Federated Sign In

  5. API Access

  6. Phishing

  7. Delegated Authentication
     - Grant 3rd Party Application access to account
     - User does not give 3rd Party Application credentials
     - Control 3rd Party Application access to account

  8. What Was Already Out There?
     - FlickrAuth
     - BBAuth
     - AuthSub
     - OpenAuth
     - Amazon Web Services

  9. The Opportunity
     - Manage API access to services with federated sign in.
     - Render the password anti-pattern obsolete, teach end users not to accept it, and reduce phishing opportunities.
     - Build a community standard usable by even the smallest consumers or service providers as well as the largest.
     - Standardize existing delegated authentication patterns already vetted by larger institutions.
     - Proliferate protocol libraries so the code to protect and access resources only had to be written once.

  10. Who Helped Develop OAuth?
      - Ma.gnolia, Yedda, Twitter, Wesabe, Six Apart, AOL, Flickr, Google, Pownce, Yahoo, Jaiku, Stamen

  11. Use Cases
      - Primary: Three Legged
      - Secondary: Two Legged

  12. Three Legged
      - Used to request permission to access a specific user’s protected resources
      - Requires involvement of three parties: User, Service Provider, Consumer
      - Examples: contacts import, photo printing, bookmark synchronizing, location sharing, shopping cart or account updates

  13. Two Legged
      - Used to access public resources, yet provider is still able to manage access and usage for a consumer.
      - Used to access resources that are private to specific consumers.
      - Requires involvement of only two parties: Service Provider and Consumer
      - Examples: searches for publicly accessible data, consumer validated super-user level access

  14. Who’s Using OAuth?
      - Google, Ma.gnolia, thmbnl, Yahoo! Fire Eagle, Praized, MySpace, Brightkite, Yammer, Netflix, GetSatisfaction, Agree2, SmugMug, Meetup.com, Ohloh, Photobucket, 88 Miles

  15. Three Legged Contact Import

  16. Two Legged Public Search
      - http://paul.donnelly.org/2008/10/31/2-legged-oauth-javascript-function-for-yql/
