OAuth you said

4 min read Original article ↗

More Related Content

A simple PHP LinkedIn OAuth 2.0 example

OpenAthens Conference 2019: How to make the most of OpenAthens

autumn mood - beautiful images of autumn with woodland choir’s ‘autumn’

Viewers also liked

Taiwan international orchid_show

Carnival...Karneval...2(Sziszko)

OC EMS Operation Sober Graduation

LOVE doesn’t ask Why - Happy Valentine’s Day with Celine Dion’s ‘Love doesn’t...

Eduson kak vospitat liderov

Portland, oregon slideshow

Similar to OAuth you said

Oauth2 and OWSM OAuth2 support

Stateless token-based authentication for pure front-end applications

Stateless authentication for microservices

Devteach 2017 OAuth and Open id connect demystified

O auth 2.0 authorization framework

ConFoo 2015 - Securing RESTful resources with OAuth2

oauth-for-credentials-security-in-rest-api-access

OAuth2 Implementation Presentation (Java)

A technical insight into the concepts and terminologies behind oauth – an ope...

The Many Flavors of OAuth - Understand Everything About OAuth2

OAuth - Don’t Throw the Baby Out with the Bathwater

Stateless Auth using OAUTH2 & JWT

Stateless authentication for microservices applications - JavaLand 2015

Recently uploaded

Effortless Distributed Systems with Aspire.pdf

apidays Paris 2025 | Zero Trust By Design

Preserve workload integrity during cross-architecture migration

Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...

GDG Cloud Southlake #49: Pradeep R Kumar: Implications of Agentic AI for Iden...

Session 1/5: Enhancing Automation with Screenplay & Business Rules

Logical Optimal Actions – Towards Knowledge-based Reinforcement Learning with...

TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops

Empower your IT team with cloud-based PC management using Dell Management Por...

apidays Paris 2025 | API Layer7 Security: Real-World Use Cases (BBVA & Nexi)

AI in the Real World: From University to Industry

Microsoft Azure News - February 2026 - BAUG

AI Vector Search Best Practices Multicloud Feb 2026

UiPath Modern Automation Playbook -Session 2

Towards a Vibrant AI Hardware Accelerator Ecosystem, invited talk at the 4th ...

Bringing AI into R&D, Taking a Human-Centric Approach / Haim Yadid

Spacecraft Guidance Quick Research Guide by Arthur Morgan

UiPath Automation Developer Associate Training Series 2025 - Session 4

GTM-and-Sales-Plan for a cyber security product

AI TOOLS FOR PRODUCTIVITY IN MODERN TIMES.pdf

OAuth you said

  • 1.
  • 2.

    Why OAuth? Provide astandard way to access protected resources, without sharing passwords. OAuth.io OAuth, You said?

  • 3.
  • 4.

    OAuth.io The middle-man betweenthe service and the OAuth provider ! Never share your Facebook credentials with a service. ! Today, almost any app needing access or permissions relies on OAuth. OAuth, You said? Tokens!

  • 5.

    OAuth.io Users had toprovide their Facebook credentials to third party services. ! Not secure. Intrusive. Inconvenient. OAuth, You said? Before? Basic Auth.

  • 6.

    OAuth was firstdesigned to be interoperable and super easy to implement for developers. Started as a Protocol OAuth.io OAuth, You said?

  • 7.

    OAuth 2.0 hasbeen reclassified as a framework. Which means no interoperability and no backward compatibility :/ Ended up as a Framework OAuth.io OAuth, You said?

  • 8.

    30+ different implementations ! Twoseparate flows for token retrieval. ! Resources' names and parameters differ from one provider to another ! A nightmare for developers: lots of potential traps. No hope for a good learning curve… So yes, OAuth is broken OAuth.io OAuth, You said?

  • 9.

    OAuth 1.0 =October 2007 OAuth 1.0a = June 2009 OAuth 2.0 first draft = early 2010
 OAuth 2.0 final = late 2011 Many versions in 5 years OAuth.io OAuth, You said?

  • 10.

    Complex signature scheme. ! Almostno control over token expiry. ! No permission management. OAuth.io OAuth, You said? OAuth 1.0a was limited

  • 11.

    ! More flexible butless interoperable SSL rather than signatures Easier to implement No backward compatibility OAuth.io OAuth, You said? OAuth 2.0 compromise

  • 12.

    Resource Owner: theuser who wants to share a resource, e.g. owner of the facebook photos. ! Client: the application that wants to leverage a resource hosted by a third party, e.g. the photo printing website. ! Authorization Server: the entity that decides to grant access to the client (application), e.g. Facebook’s authorization server. ! Resource Server: the place where the third party resource is hosted, e.g. Facebook’s server where the photos to print are. 4 quick definitions

  • 13.
  • 14.
  • 15.

    Credits The Big Lebowski WalkerTexas Ranger aka Chuck (the 1st) Norris Jackie Brown 2001: A Space Odyssey R2D2: Star Wars (Dagobah) C3PO: Star Wars (Tatooine) Las Vegas Parano Terminator Forrest Gump Austin Powers OAuth.io OAuth, You said? Judge Dredd