Getting Started with OAuth 2.0

by Ryan Boyd
February 2012
Content level: Beginner to intermediate
78 pages
2h 13m
English
O'Reilly Media, Inc.
Content preview from Getting Started with OAuth 2.0

Terminology

In order to understand OAuth, it’s important to first understand the relevant terminology. We’ll introduce some key terms up front, and then discuss additional terms throughout the book.

Authentication

Authentication is the process of verifying the identity of a user—knowing that the user is who they claim to be.

In the real world, when a police officer asks for your identification, she’s verifying your identity by ensuring that the picture on your identification matches your likeness.

On desktop computers and on the Web, authentication is about knowing that the user at the keyboard is the owner of the account. Authentication is typically performed by asking a user for a username and password. The username represents the user’s claimed identity, and the software application assumes that a user who provides the correct password is indeed that user.

Federated Authentication

Although many applications have their own system of accounts (including usernames and passwords), some applications rely on other services to verify the identity of users. This is called federated authentication.

In a corporate IT environment, applications may trust an Active Directory server, an LDAP server, or a SAML provider to authenticate users.

On the Web, applications often trust OpenID providers (such as Google or Yahoo!) to handle the authentication of users. There are many benefits to federation for both application developers and users. OpenID is the most common open web protocol for handling ...


Publisher Resources

ISBN: 9781449317843