27 Aug 2013
With APIs beginning to enter the mainstream consciousness, it is time to spend more time educating the masses about OAuth. We've had plenty of conversations between two of the OAuth legs, provider and developer, but we now need to bring the third leg into the conversation--the user.
First, what is OAuth? - An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.
Whether you like it or not, OAuth has become the industry standard for accessing resources, being served up via APIs, that are being consumed through desktop, web and the fast growing mobile space.
OAuth Platforms & Data Providers
If you are an online platform, OAuth is something you need to understand. At a minimum, if you require users to establish an account, you need to consider allowing users to create their accounts and login in the future using other popular OAuth providers like Facebook, Twitter and Google. Next if you want to provide access to your platform user's data via an API, you need to take a deeper dive into OAuth, and consider establishing yourself as an OAuth provider.
OAuth for Desktop, Web and Mobile Developers
In 2013, if you are a developer, you are probably using APIs. OAuth has been very intimidating for developers for quite some time, but with the increased availability of quality OAuth clients, better implementations and educational materials from API providers, and standardized approaches by startups like OAuth.io--OAuth is something you shouldn't fear anymore. You need OAuth as a default tool in your developer toolbox.
Everyday Online User
Like the term API, OAuth is something that should be added to the vocabulary of every tech savvy user. You should understand that OAuth exists, and that it gives you the ability to create accounts and login to your favorite platforms without filling out endless new forms and sharing your passwords unnecessarily. The platforms you use daily, like Facebook, Twitter, LinkedIn and Google all are OAuth providers, and you should leverage these providers to manage your online presence. The control is in your hands to securely manage your online persona using OAuth, and with a little education and maintenance you can ensure you profile(s) are secure, and only the providers you trust have access to your important data.
This is a first post in series of OAuth related information that is looking to educate the masses about the importance of OAuth. Hopefully increasing the number of quality OAuth providers, knowledgeable developers and OAuth aware online users--making OAuth something that is ubiquitous across the web, and enabling meaningful 3 legged conversations that make data accessible, incentivizes developers while protecting end-user's privacy.
I will be deploying an entirely new research project dedicated to OAuth, where I will work on stories about OAuth that hopefully resonate with the masses. As with my other research, it will take me a while to dial in. As I work to do this, I will curate the best stories and tools in the OAuth space, eventually trying to create a polished repository of OAuth resources that providers, developers and users will find valuable.