OAuth is a security protocol which is used to share specific information
between websites, services devices, applications etc
For example we can use an OAuth security token to access only videos or pictures in a server, with this token any external resource or website can access only videos and images from the server and nothing else.
OAuth allows us to define individual security tokens for a set of specific resources, thereby preventing the need to share the original security token which has access to all the resources in the server/site.
For example, we can define a token to share only the list of contacts in an e-mail server, another token to share only the schedule/appointment details, another token to share only images etc, this way each security token can be used to access only to the specific set of resources to which it is tagged to thereby preserving the authenticity of the content in the server.
OAuth 2.0 is the successor version of OAuth 1.0; OAuth 2.0 provides different authentication flows based on the type of source and target systems, like web applications, mobiles, desktop applications etc.
Google APIs uses OAuth security protocol to provide access to its various API’s. If we want to use a specific Google API then we need to register with Google and get an access token to access the API. Each API has its own token and cannot be used to access other API’s. Access tokens are sent to a Google API in the HTTP Authorization header, or as a query string parameter
For example, the access token used to access Google+ API, cannot be used to access the Google Contacts API. To know more on using Google API’s using OAuth refer to Google’s documentation
https://developers.google.com/accounts/docs/OAuth2
To know more about the OAuth protocol refer to the OAuth site http://oauth.net/2/
No comments:
Post a Comment