OAuth 2.0 is mostly down to arguments over individual words in its requirements and recommendations

Dark Reading Staff, Dark Reading

August 31, 2011

1 Min Read

The social media security protocol OAuth 2.0 soon ought to be fully baked--even if the editor of the specification is left grumbling that there have been too many cooks in the kitchen.

OAuth 2.0 is already one of the most important social software development standards, thanks to its incorporation into the Facebook authentication scheme used with the Open Graph API. As implemented by Facebook, it provides those popup dialog boxes asking you to grant an application the right to access your personal data and activity stream. Thereafter, OAuth provides the mechanism an application uses to prove to Facebook that you have granted it the right to access those resources.

Yahoo, Google, and Web 2.0 pioneers like 37signals have also implemented some version of OAuth without waiting for the specification to be final. Yet when the OpenSocial 2.0 specification was published last week, it referenced OAuth as an "incubating" standard because it was still in the process of being finalized through an Internet Engineering Task Force (IETF) working group.

Read the full article here.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights