Skip to Main Content
Getting Started with OAuth 2.0
book

Getting Started with OAuth 2.0

by Ryan Boyd
February 2012
Beginner to intermediate content levelBeginner to intermediate
78 pages
2h 13m
English
O'Reilly Media, Inc.
Content preview from Getting Started with OAuth 2.0

Chapter 1. Introduction

How OAuth Was Born

In the movie Ferris Bueller’s Day Off, a valet attendant takes a fully restored 1961 Ferrari out for a joyride. How do you prevent the same thing from happening to your brand-new Mustang? Some cars now come with special keys that allow the owner to provide limited authorization to valet attendants (or kids!) and prevent activities such as opening the trunk and driving at excessive speeds.

OAuth was created to solve the same core issue online.

When Google first released the Google Calendar API, it provided the ability for application developers to read and manipulate a user’s Google Calendar. However, the only way for a user to provide delegated access was to give the application his or her account username and password, which the application would then use with Google’s proprietary ClientLogin protocol.

Proprietary protocols like ClientLogin and standard protocols like HTTP Basic authentication resulted in both small and big applications requesting passwords from users to get access to their data. This wasn’t affecting just desktop apps—applications all over the Web were prompting for credentials. Flickr, an online photo-sharing site, was one such application. Originally an independent company, Flickr was acquired by Yahoo! a few years after Google bought Blogger. The idea of Yahoo! asking for Google user passwords scared both firms, leading to the development of new proprietary protocols that tackled this problem on the Web.

With these new ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

OAuth 2 in Action

OAuth 2 in Action

Justin Richer, Antonio Sanso
Mastering OAuth 2.0

Mastering OAuth 2.0

Charles Bihis

Publisher Resources

ISBN: 9781449317843Errata PageSupplemental Content