© Prabath Siriwardena 2020
P. Siriwardena, Advanced API Security, https://doi.org/10.1007/978-1-4842-2050-4_4

4. OAuth 2.0 Fundamentals

Prabath Siriwardena (San Jose, CA, USA)

OAuth 2.0 is a major breakthrough in identity delegation. It has its roots in OAuth 1.0 (see Appendix B), but OAuth Web Resource Authorization Profiles (see Appendix B) primarily influenced it. The main difference between OAuth 1.0 and 2.0 is that OAuth 1.0 is a standard protocol for identity delegation, whereas OAuth 2.0 is a highly extensible authorization framework. OAuth 2.0 is already the de facto standard for securing APIs and is widely used by Facebook, Google, LinkedIn, Microsoft (MSN, Live), PayPal, Instagram, Foursquare, GitHub, Yammer, Meetup, and many more. There ...
