We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byIsabella Fagan
Modified over 4 years ago
The How of OAuth OAuth Hackathon – 4/26 @ Six Apart http://icanhaz.com/oauth
The How of OAuth or: How I learned to stop worrying and fall in love with Factory Joe
OAuths Goal Website X can access your protected data at API Y – All without sharing your password off-site – especially when there isnt one like with OpenID
OAuth gives you: Signed HTTP Requests Safe, Password-less Token Exchange Signed HTTP Requests Safe, Password-less Token Exchange
The Three Actors User – My Buddy (not me) Service Provider – Chuck E. Cheese Consumer – 10 yr old kids
The Three Tokens Access Tokens – Chuck E. Cheese Tickets Request Tokens – Chuck E. Cheese Tokens Consumer Keys
The Three URLS Request Token Issuer Authorization Page Access Token Exchanger
Building a Consumer
Get a consumer key and secret
Simple enough, eh?
Get a Request Token
Authorize the Request Token
Exchange for an Access Token
Making Authenticated Calls
Building a Service Provider
Data to store Consumers: – key, secret, callback_url Request Token: – token, secret, consumer, authorizing_user Access Token: – token, secret, consumer, user
Issuing Request Tokens Verify using only the consumer credential
Issuing Request Tokens Issue the request token
Authorizing Request Tokens Ask the user to accept the authorization
Authorizing Request Tokens Connecting the logged in user go back to consumer
Exchange for an Access Token Validate using Request Token and Consumer
Exchange for an Access Token Issue the Access Token Destroy the Request Token
Protecting Resources Validate Access Token
OAuth Hackathon – 4/26 @ Six Apart http://icanhaz.com/oauth
Yahoo! OpenID and OAuth 1 Allen Tom Yahoo! Membership Architect OpenID Foundation Board
Your Guide to Family Connection Welcome, Ms. Scasso! Your counselor has created an account for you on Family Connection, a website to help you plan for.
22 May 2008IVOA Trieste: Grid & Web Services1 Alternate security mechanisms Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY.
OAuth Phil Wilson, University of Bath, what the? "OAuth provides a way to grant access to your data on some website to a third website, without.
Smartphone-based authorization system Advisor: Dr. Wenjun Zeng - Professor Presenter: Yilihamujiang, Ailiyasijiang Zhou, Guanlong Al-Sinani, H. S. (2011).
SearchSearch User Profiles SearchSearchExcelExcelUserProfilesUserProfiles Managed Metadata.
CS5204 – Operating Systems 1 A Private Key System KERBEROS.
Digital Certificate Installation & User Guide For Class-2 Certificates.
Authentication Simon Cross Partner Engineer facebook.com/sicross An Overview.
FI-WARE Testbed Access Control temporary solution.
OAuth 2.0 By “PJ” (JP on meetup.com) iOS and PHP developer, and occasional lawyer Contact me via:
Prabath Siriwardena | Johann Nallathamby.
The Alfresco API Steven Glover Gethin James Peter Monks.
Introducing Windows Server 2012 R2 Work Folders:
Will Darby April What is Federated Security Security Assertion Markup Language (SAML) Overview Example Implementations Alternative.
Hannes Tschofenig (IETF#79, SAAG, Beijing). Acknowledgements I would like to thank to Pasi Eronen. I am re- using some of his slides in this presentation.
By: Ansuya Chauhan.
Mashing Up with User-Centric Identity America Online LLC John Panzer, Praveen Alavilli.
Workflow OpenID Scenario Users get OpenID from provider Andy is given access to service, and then to workflow server. Andy installs workflow Workflow gets.
1 Trillion Azure AD authentications since the release of the service 50 M Office 365 users active every month >1 Billion authentications every.
© 2018 SlidePlayer.com Inc. All rights reserved.