oauth tutorial - oauth2 | History of OAuth - oauth2 tutorial - oauth authentication




APIs: Application Programming Interfaces

oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  oauth implicit requests and responses - what is oauth , saml vs oauth , oauth tutorial
  • APIs are for connecting “software machines”
    • Modules within a program
    • Programs on a server
    • Programs over local networks
    oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  api gateway - what is oauth , saml vs oauth , oauth tutorial
    oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  oath web api - what is oauth , saml vs oauth , oauth tutorial

    How Web APIs Evolved

  • Before there were Web APIs, there were Web Apps
  • oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  oath web apps - what is oauth , saml vs oauth , oauth tutorial

    Then came Web Services - SOA / SOAP services

    oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  web sevice - what is oauth , saml vs oauth , oauth tutorial

    Security for Web Services

  • Establish TRUST with public key infrastructure
    • – Private key / public certificate pairs
    • – Have certificates signed by recognized CA / RA
    • – Exchange that certificate with similarly-assured certificate from partners
  • Apply asymmetric crypto at runtime to validate digital signatures / decrypt encrypted content
    • – SSL/TLS Mutual Authentication
    • – XML-DSIG/XML-ENC applied to SOAP documents
    • TRUST partner / corporate customer to treat crypto material with care and caution

    Need for more security - Evolution of OAUTH

    oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  web sevice - what is oauth , saml vs oauth , oauth tutorial

    The new security model for Web APIs

    oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  web sevice - what is oauth , saml vs oauth , oauth tutorial
    oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  web sevice - what is oauth , saml vs oauth , oauth tutorial

    we had better require more regular and active scrutiny of the Apps’ access privileges

  • First of all, DO NOT issue long-lasting certificates to the Apps (e.g. x.509 expires in 1 yr)
  • Instead, issue short-lived access tokens that can be revoked at any time
  • oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  web service - what is oauth , saml vs oauth , oauth tutorial

    …we had better require more regular and active scrutiny of the Apps’ access privileges…

  • Next, include the end user in authenticating / authorizing the App
  • Explicitly grant access
  • To a limited scope
  • oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  web service - what is oauth , saml vs oauth , oauth tutorial

    Introducing OAuth The new security model for Web APIs

  • Open standard specification by IETF WG
    • The OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service, either on behalf of a resource owner by orchestrating an approval interaction between the resource owner and the HTTP service, or by allowing the third-party application to obtain “ access on its own behalf.
    oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  web service - what is oauth , saml vs oauth , oauth tutorial
    oauth 2.0 - oauth - oauth2 - oauth authentication , oauth token , oauth2 flow , oauth server , oauth flow , oauth2 authentication , oauth2 server , oauth refresh token ,  oauth authorization code -  web service - what is oauth , saml vs oauth , oauth tutorial

    Related Searches to oauth2 | History of OAuth

    Adblocker detected! Please consider reading this notice.

    We've detected that you are using AdBlock Plus or some other adblocking software which is preventing the page from fully loading.

    We don't have any banner, Flash, animation, obnoxious sound, or popup ad. We do not implement these annoying types of ads!

    We need money to operate the site, and almost all of it comes from our online advertising.

    Please add wikitechy.com to your ad blocking whitelist or disable your adblocking software.

    ×