© Michael Schwartz, Maciej Machulak 2018
Michael Schwartz and Maciej Machulak, Securing the Perimeter, https://doi.org/10.1007/978-1-4842-2601-8_4

4. OAuth

Michael Schwartz (Austin, TX, USA) and Maciej Machulak (London, UK)

OAuth 2.0 (or simply “OAuth,” because OAuth 1.0 is now irrelevant) defines a mechanism for using bearer tokens to make authorized HTTP requests. Simple possession of a bearer token enables access. For example, a long time ago in New York City, if you had a “subway token,” you inserted it into the turnstile and entered the subway station. No questions asked: you have the token, you get in. Bearer tokens are also called “access tokens”.
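The turnstile behaviour described above, sketched as a resource server's authorization check. This is an added example, not code from the book; the token values, the in-memory store and the function names are constructed assumptions, while the `Authorization: Bearer` header and the `invalid_token` / `insufficient_scope` error codes follow RFC 6750.

```python
import hmac
import time

# Constructed token store: token value -> grant metadata (sample data only).
ISSUED_TOKENS = {
    "sample-token-abc123": {"scope": {"read"}, "expires_at": time.time() + 3600},
    "sample-token-expired": {"scope": {"read"}, "expires_at": time.time() - 1},
}

def extract_bearer_token(headers):
    """Return the token from an 'Authorization: Bearer <token>' header, or None."""
    value = headers.get("Authorization", "")
    scheme, _, token = value.partition(" ")
    # The scheme name is case-insensitive; anything other than Bearer is rejected.
    if scheme.lower() != "bearer" or not token.strip():
        return None
    return token.strip()

def lookup(token):
    """Find the grant, comparing in constant time against each stored token."""
    for stored, grant in ISSUED_TOKENS.items():
        if hmac.compare_digest(stored.encode(), token.encode()):
            return grant
    return None

def authorize(headers, required_scope):
    """Return (HTTP status, reason) for a request to a protected resource.

    Nothing here identifies the caller: the decision depends only on the
    token presented, which is what makes it a bearer token.
    """
    token = extract_bearer_token(headers)
    if token is None:
        return 401, "missing or malformed bearer token"
    grant = lookup(token)
    if grant is None or grant["expires_at"] <= time.time():
        return 401, "invalid_token"
    if required_scope not in grant["scope"]:
        return 403, "insufficient_scope"
    return 200, "ok"
```

Because the check never asks who is presenting the token, the only limits on a copied token are the ones the server enforces here, expiry and scope, which is why bearer tokens are sent over TLS and kept short-lived.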

Although OAuth is known primarily as a technology for consumer applications, its popularity is ...
