Monday, February 2, 2015

What is OAuth

OAuth is an open standard for authorization. OAuth provides client applications with 'secure delegated access' to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without sharing their credentials.

It is important to realize OAuth is a way to authenticate users - to ensure a user is who he says he is. The protocol was designed to circumvent problems with the sharing of user credentials in distributed and Web 2.0 environments. With OAuth, resources stored on one website can be shared or accessed by a user once he is authenticated via OAuth. There is no need for the user to create a new account on the website and, at the same time, the website is not privy to the user's credentials.

OAuth operates much like a client/server computing model, where a primary website storing the user resources acts as a server and the website or application accessing that data is a client. The primary website establishes an OAuth interface (otherwise called an API) and secret key for the requesting website as a means of establishing a session to validate the user. Once the user requests access to the data or resources of the client website, he or she takes a side trip and is forwarded to the login procedure of the primary website, at which time the user provides his or her login credentials. Upon successful authentication there, an authorization token is sent from that primary website to the requesting website as an acknowledgment of authentication, allowing the user access to the data or other resources originally requested.
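The round trip described above, sketched from the requesting website's side as an added example (not code from the original post). It assumes the OAuth 2.0 authorization code grant with the standard RFC 6749 parameter names; the endpoint URLs, client id and secret are constructed placeholders, and the `state` check is an addition the post does not mention.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Constructed placeholders: endpoints, client id and secret are not real values.
AUTHORIZE_URL = "https://primary.example/oauth/authorize"
CLIENT_ID = "requesting-site-123"
CLIENT_SECRET = "constructed-secret"  # the "secret key" issued by the primary website
REDIRECT_URI = "https://requesting.example/callback"


def build_login_redirect(scope):
    """Step 1: send the user on the 'side trip' to the primary website's login."""
    state = secrets.token_urlsafe(32)  # random per-request value kept in the user's session
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": scope,
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def handle_callback(callback_url, expected_state):
    """Step 2: the primary website redirects back; validate before trusting it."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError("authorization denied: " + params["error"][0])
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    code = params.get("code", [""])[0]
    if not code:
        raise ValueError("callback carried no authorization code")
    return code


def build_token_request(code):
    """Step 3: form body the requesting website POSTs server-to-server for the token."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,
        "client_id": CLIENT_ID,
        "client_secret": CLIENT_SECRET,
    }
```

None of the three messages the requesting website builds or receives contains the user's login credentials; those are only ever entered on the primary website.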
 
