Because I can do!
|
andreasengel.com
|
Saturday, June 28, 2008
Setting a New Web-Standard with OAuth for Secure API Authentication
Current trends in information architecture, the development of user-provided information and the use and combination of single function focused applications show that the Internet is shifting to a medium that is more and more structured with a decentralized authority.
Instead of using a single site for all online needs users use different sites and services to manage their online experience applying state of the art Data APIs allowing aplications to access their data. Making use of a Web-standard like OAuth for secure API authentication gives your users access to their data while protecting their passwords and other protected areas. From OAuth:
While reviewing one of the latest Google innovations, Google App Engine, which lets one run Web applications on Google's infrastructure with no servers to maintain I found it worth to mention OAuth as an open standard for secure API authentication - OAuth is now supported on all of the Google Data APIs. Being familiar with UML or sequence diagrams it's easy to understand the Google data API authentication process. More on Google Data APIs blog.
Resources:
Instead of using a single site for all online needs users use different sites and services to manage their online experience applying state of the art Data APIs allowing aplications to access their data. Making use of a Web-standard like OAuth for secure API authentication gives your users access to their data while protecting their passwords and other protected areas. From OAuth:
"Many luxury cars today come with a valet key. It is a special key you give the parking attendant and unlike your regular key, will not allow the car to drive more than a mile or two. Some valet keys will not open the trunk, while others will block access to your onboard cell phone address book. Regardless of what restrictions the valet key imposes, the idea is very clever. You give someone limited access to your car with a special key, while using your regular key to unlock everything."Here is a short demo of what it means to end users:
While reviewing one of the latest Google innovations, Google App Engine, which lets one run Web applications on Google's infrastructure with no servers to maintain I found it worth to mention OAuth as an open standard for secure API authentication - OAuth is now supported on all of the Google Data APIs. Being familiar with UML or sequence diagrams it's easy to understand the Google data API authentication process. More on Google Data APIs blog.
Resources:
- Beginner’s Guide to OAuth – Part I
- Beginner’s Guide to OAuth – Part II
- OAuth Authentication for Web Applications (Google)
- Registration for Web-Based Applications (Google)
Labels: apis, bizdev, cloud, google, mashup, networking, oauth, security, strategy
¶ 'Setting a New Web-Standard with OAuth for Secure API Authentication' posted by eA : 11:23 AM
Responsible according to german §6 Teledienstgesetz: Andreas Engel
Responsibility for external sites, which are linked from this site, belongs to their respective owner
Contact | Home | Sitemap
© Andreas Engel 2005 - 2007
CSS Rounded Corners as Brilliant Visual Elements (Design) | Blog Presentation with 3D Reflections (Design) | Top AJAX Libraries and Toolkits (Search) | Comprehensive Video Sharing Sites (Search) | Virtual Dive Trip to Dahab, Sinai Peninsula, Red Sea
