OAuth – Authorization in the cloud

What is OAuth?

Wikipedia definition: “OAuth (Open Authentication) allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically username and password.”

There are many reasons why one should not share their private credentials. Giving your email account password to a social network site so they can look up your friends is the same thing as going to dinner and giving your ATM card and PIN code to the waiter when it’s time to pay. Any restaurant asking for your PIN code will go out of business, but when it comes to the web, users put themselves at risk by sharing the same private information. OAuth to the rescue.

This is what you see in any web application that wants to use your data stored in another web application: you enter your username and password on the “screen” of the second application, so the first application never learns your credentials, and the second application then allows the first application access to only “part” of your data (the scope). I hope that this is clear! Basically, Facebook, Twitter, Flickr, Gmail, Google Docs, etc. can use this protocol.
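To make the roles concrete, here is a small in-memory model of that exchange. It is an example added to this post, not code from the OAuth specification or from any provider, and it leaves out client secrets, redirect URIs and token expiry. The names `Provider`, `Client`, `login_and_consent`, `friend-finder` and the sample user data are all made up for the illustration.

```python
import secrets

class Provider:
    """The 'second application': it holds the user's password and data."""
    def __init__(self):
        # Constructed sample data; a real provider stores salted password hashes.
        self._passwords = {"alice": "correct-horse"}
        self._data = {"alice": {"contacts": ["bob", "carol"], "photos": ["beach.jpg"]}}
        self._codes = {}   # one-time code -> (user, client_id, scopes)
        self._tokens = {}  # access token -> (user, scopes)

    def login_and_consent(self, user, password, client_id, scopes):
        """Runs on the provider's own screen, so the client never sees the password."""
        expected = self._passwords.get(user)
        if expected is None or not secrets.compare_digest(expected.encode(), password.encode()):
            raise PermissionError("login failed")
        code = secrets.token_urlsafe(16)
        self._codes[code] = (user, client_id, frozenset(scopes))
        return code  # handed to the client in place of the credentials

    def exchange(self, code, client_id):
        """Swap a code for a token; a code is single-use and bound to one client."""
        user, issued_to, scopes = self._codes.pop(code, (None, None, None))
        if user is None or issued_to != client_id:
            raise PermissionError("invalid authorization code")
        token = secrets.token_urlsafe(32)
        self._tokens[token] = (user, scopes)
        return token

    def get_resource(self, token, resource):
        """Release data only when the token's scope covers the resource."""
        if token not in self._tokens:
            raise PermissionError("unknown token")
        user, scopes = self._tokens[token]
        if resource not in scopes:
            raise PermissionError("token lacks scope: " + resource)
        return self._data[user][resource]

class Client:
    """The 'first application': it only ever holds a code and then a token."""
    def __init__(self, provider, client_id):
        self.provider, self.client_id, self.token = provider, client_id, None

    def receive_code(self, code):
        self.token = self.provider.exchange(code, self.client_id)

    def fetch(self, resource):
        return self.provider.get_resource(self.token, resource)
```

With a token granted for the `contacts` scope, `fetch("contacts")` returns the list, while `fetch("photos")` raises `PermissionError`, and so does presenting the same authorization code a second time.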

The official page for this standard is: http://oauth.net/

If you want more details to understand this protocol, this is a good Beginner’s Guide to OAuth.

This is the Google implementation of this protocol, to allow access to Google applications.

This is a good video explaining OAuth 2.0 from the user's point of view. If you want more details, have a look at the subsequent videos: OAuth Part 2, OAuth Part 3 and OAuth Part 4.

I know that this post is quite technical, but it is quite useful for understanding authentication in the cloud.