News Filtered by : Tim

How to Think About OAuth

www.tbray.org on 01/25/2013

Excerpt: I’m not a deep OAuth 2. 0 expert yet; at this point that label is reserved for the (substantial number of) people who wrote the specs. But I’ve worked with a few implementations and talked it over with smart people, and I have opinions. Summary: It’s a framework not a protocol, it has irritating problems, and it’s really very useful. Real Internet Protocols · I mean things like HTTP and SMTP; plug a client and a server into each other and if it doesn’t Just Work, that’s surprising. OAuth 2. 0 isn’t one of those; the language of the spec is full of “Out of scope” and “At the discretion of the implementor”.... read the full post.
Tags: API-Evangelist, API-Stack, Bray, Googlereader, Ifttt, OAuth, ongoing, Tim