In OAuth: The valey key metaphor and OAuth: Flow for mobile apps, we talked about why OAuth is good for users - how it allows users to grant third-parties access to their web services or mobile apps without sharing their passwords.
This time, why OAuth is good for API providers whether they are exposing APIs for web apps or APIs designed for mobile apps. OAuth means that Web apps that expose APIs don’t have to share passwords. There are two alternatives ...
In my previous post, I talked about how OAuth allows users to grant third-parties access to their web services without sharing their passwords. In that previous example, our user (Bob) accessed his Twitter account through the bit.ly web site. This time, let's look at what happens when Bob is using a mobile app instead of a web app.
OAuth has taken off as a standard way for apps and websites to handle authentication. But OAuth is a confusing spec that can be hard to pin down.
I wanted to talk a little about what is OAuth and when you should use it for your API – hopefully pin it down a little in a few blog posts. I covered a lot of this in OAuth: The Big Picture. Check out the video and slides!
Let’s start with what is OAuth and why it came about.
This time, in this series about pragmatic RESTful API Design, I'll discuss authentication. There are many schools of thought - my colleagues at Apigee and I don't always agree on how to handle authentication - but overall here's my take. Let's look at how PayPal, Facebook, and Twitter handles things differently.
Thanks to all that attended yesterday's webinar "Bigger, Better Business with OAuth." Unfortunately, we had a Webex outage which cut the webinar audio off after a few minutes, but thanks to @sramji and @landlessness for finishing out the webinar for the video (and slides below) after the outage.
Today at #defragcon our @sramji gave this talk making the case for OAuth as a business imperative.
At Apigee, we've been developing a secure, robust API management platform since 2005 and have been running it in the cloud since 2008. We're proud that some of the most demanding enterprise customers like Netflix, Comcast, and GameSpy have made Apigee technology part of their API platform.
We believe that it should be easy to start working with APIs, so last week we launched a new service called the OAuth API, which takes the pain out of getting up and running with APIs that use OAuth.
The story of the OAuth API is the story of yet another function...