Welcome to Scribd!

Skip carousel

OAuth

Uploaded by

Fei Hu

0% found this document useful (0 votes)

18 views25 pages

Copyright

Available Formats

PPT, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

0% found this document useful (0 votes)

18 views25 pages

OAuth

Uploaded by

Fei Hu

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Flag for inappropriate content

Jump to Page

You are on page 1of 25

Search inside document

OAuth

Fei Hu
What is oauth?
An open protocol to allow secure API
authorization in a simple and standard method
from desktop and web applications.
Oauth is ...

• Token-based Authentication

Logged-in user has a unique token used to access data from

the site
Roles in OAuth

User

Service
Consumer
Provider
Roles in OAuth

• User - Social network user like you and me

• Consumer – application that uses OAuth to access the

resources in service provider

• Service provider - web application that allows access via

OAuth
A Typical Scenario
User

PRINTER PHOTO
How does OAuth work?
Request Token!

PRINTER site PHOTO site

asks for
request token
returns
request token

...
Authorize!

PRINTER site PHOTO site

redirects user to
PHOTO with
request token user logs in and
authorizes
PRINTER

redirect back
with authorized
request token
Access Token!

PRINTER site PHOTO site

ask for access
token with
authorized
request token
request token
exchanged for
access token

PRINTER
stores access
token
PRINTER use the access token
print protected resources(photos)
from PHOTO site
Authorization Process
• Obtain request token
• User authorize request
token
• Exchange request token
for an access token
• Use access token to obtain
protected resources

picuture from http://www.oauth.net

Tokens

• Request Tokens

• Access Tokens
Who is using Oauth?
library

http://oauth.net/code/
Client to Twitter: An OAuth example
register your application

• http://twitter.com/oauth_clients
register your application
Twitter4J
Output
Twitter
Twitter
Twitter
Thank you
Question?
•Oauth is ____based authentication
token
•Three Roles in OAuth
User, Consumer, and Service provider
Consumer uses ___ key to access protected resource
A.Request

B.Access

C.Comsuer

Mastering OAuth 2.0
From Everand
Mastering OAuth 2.0
Bihis Charles
Rating: 5 out of 5 stars
5/5 (1)
Configuring OAuth2.0 on webMethods Integration Server
Document9 pages
Configuring OAuth2.0 on webMethods Integration Server
Sowmya Nagaraja
No ratings yet
Earning Money through Crypto Currency Airdrops, Faucets, Cloud Mining, Online Trading and Online Advertisements
From Everand
Earning Money through Crypto Currency Airdrops, Faucets, Cloud Mining, Online Trading and Online Advertisements
Dr. Hidaia Mahmood Alassouli
No ratings yet
OAuth Exploitation
Document5 pages
OAuth Exploitation
Muhammad Muqeem
No ratings yet
Oauth 2.0: Amit Harsola Wipro Technologies
Document65 pages
Oauth 2.0: Amit Harsola Wipro Technologies
humdil
No ratings yet
Rest Security by Example Frank Kim
Document62 pages
Rest Security by Example Frank Kim
neroliang
No ratings yet
Apisecuritywithoauth 181030043459
Document39 pages
Apisecuritywithoauth 181030043459
Kalpa De Silva
No ratings yet
The Definitive Guide to OAuth with Tyk
Document17 pages
The Definitive Guide to OAuth with Tyk
Carlos G. Rodríguez
No ratings yet
Oauth-V0 3
Document2 pages
Oauth-V0 3
K.Dileep Kumar Reddy
No ratings yet
Implementing Oauth
Document57 pages
Implementing Oauth
Kapil Gupta
No ratings yet
Dzone Refcard 347 Oauth Patterns Anti Patterns 202
Document6 pages
Dzone Refcard 347 Oauth Patterns Anti Patterns 202
Brosoa Loqua
No ratings yet
Auth API Documentation
Document6 pages
Auth API Documentation
Marcelo Pereira Rodrigues
No ratings yet
OAuth2 COSCUP
Document58 pages
OAuth2 COSCUP
KUAN TING PAN
No ratings yet
Backstage API - Authentication and General API Usage
Document12 pages
Backstage API - Authentication and General API Usage
karaspidey
No ratings yet
An Introduction To OAuth 2
Document19 pages
An Introduction To OAuth 2
AVELU24
No ratings yet
OAuth 2.0, OpenID Connect & SSO Simplified
Document21 pages
OAuth 2.0, OpenID Connect & SSO Simplified
nambir
No ratings yet
OAuth2 in Python PDF
Document19 pages
OAuth2 in Python PDF
Juan Pablo Orantes
No ratings yet
OAuth2 Developers Guide
Document31 pages
OAuth2 Developers Guide
pc_rima
No ratings yet
Introduction to OAuth 2 authorization framework for API access
Document77 pages
Introduction to OAuth 2 authorization framework for API access
sindhura2258
No ratings yet
Rfc5849 The Oauth 1.0 Protocol
Document39 pages
Rfc5849 The Oauth 1.0 Protocol
teo2005
No ratings yet
Identity Server 3
Document11 pages
Identity Server 3
Madalina Croitoru-Heuser
No ratings yet
OAuth authorization standard for accessing user info
Document2 pages
OAuth authorization standard for accessing user info
Debesh Ghosh
No ratings yet
CNIT 129S: Securing Web Applications: Updated 2-1-22
Document88 pages
CNIT 129S: Securing Web Applications: Updated 2-1-22
phamducnhon
No ratings yet
Authorization, Authentication, and Security
Document25 pages
Authorization, Authentication, and Security
Daniel Lao
No ratings yet
4 03 Authentication
Document39 pages
4 03 Authentication
FX
No ratings yet
API Developer Portal-Acquiring Your Access Token Guide
Document9 pages
API Developer Portal-Acquiring Your Access Token Guide
Luca Ele Ale Stefi
100% (1)
Integrating Services With: Luca Mearelli Web2Expo - Berlin 2008
Document64 pages
Integrating Services With: Luca Mearelli Web2Expo - Berlin 2008
Lê Hoàng Vũ
No ratings yet
WSO2 Inc - Securing Your Web Service With OAuth2 Using WSO2 Identity Server - 2014-03-28
Document11 pages
WSO2 Inc - Securing Your Web Service With OAuth2 Using WSO2 Identity Server - 2014-03-28
viaan1990
No ratings yet
Secure Web Systems in 40 Characters
Document43 pages
Secure Web Systems in 40 Characters
MUJAHID AL ASIRI
No ratings yet
Account Takeovers: by - Ninad Mathpati
Document43 pages
Account Takeovers: by - Ninad Mathpati
asd
No ratings yet
Introduction To The Course: Integrating Third-Party Applications and Automation 360 Using Control Room Apis: Step List
Document6 pages
Introduction To The Course: Integrating Third-Party Applications and Automation 360 Using Control Room Apis: Step List
lrre
No ratings yet
T1 - Extend The Power Platform With Custom Connectors
Document20 pages
T1 - Extend The Power Platform With Custom Connectors
Roberta Abreu Lamvik
No ratings yet
API Training
Document15 pages
API Training
Alexandre Gomes
No ratings yet
Oauth 2.0 Authentication Vulnerabilities
Document20 pages
Oauth 2.0 Authentication Vulnerabilities
Alishba mir
No ratings yet
Punchout NEP
Document20 pages
Punchout NEP
Vinay Varma
No ratings yet
Python Requests Essentials - Sample Chapter
Document17 pages
Python Requests Essentials - Sample Chapter
Packt Publishing
No ratings yet
Network Security
Document51 pages
Network Security
ct pentest
No ratings yet
Requestrodeo: Client Side: Protection Against Session Riding
Document39 pages
Requestrodeo: Client Side: Protection Against Session Riding
api-27294532
No ratings yet
Oauth2 Auth Flows
Document11 pages
Oauth2 Auth Flows
Công Quạ
No ratings yet
Cloudvision As-A-Service (Cvaas) Quick Start Guide: Arista Networks
Document30 pages
Cloudvision As-A-Service (Cvaas) Quick Start Guide: Arista Networks
Yu
No ratings yet
EOS Developer Authentication Tool
Document2 pages
EOS Developer Authentication Tool
Angel Flores
No ratings yet
Web API Basics
Document28 pages
Web API Basics
Craig
100% (3)
Sso Apis: Provider: Facebook, Google, Apple
Document3 pages
Sso Apis: Provider: Facebook, Google, Apple
Tùng Trần
No ratings yet
Understanding OAuth and MRA - Cisco Community
Document31 pages
Understanding OAuth and MRA - Cisco Community
Adrian Kumar
No ratings yet
YouTube API v2 OAuth 2 Authorization
Document14 pages
YouTube API v2 OAuth 2 Authorization
Bruce McNamara
No ratings yet
Getting Started With Provider Hosted Apps: Mokhtar Bepari
Document22 pages
Getting Started With Provider Hosted Apps: Mokhtar Bepari
Shah Jahan
No ratings yet
A Survey Paper On Social Sign-On Protocol Oauth 2.0
Document4 pages
A Survey Paper On Social Sign-On Protocol Oauth 2.0
Ginny Lynn
No ratings yet
Cookies: COEN 351 E-Commerce Security
Document27 pages
Cookies: COEN 351 E-Commerce Security
Shiva Netha
No ratings yet
Practical Assignment #1
Document4 pages
Practical Assignment #1
Suhaib al-shaibani
No ratings yet
Chapter 12 - Web Authentication
Document22 pages
Chapter 12 - Web Authentication
ch zhu
No ratings yet
BioTime 8.5 API User Manual
Document32 pages
BioTime 8.5 API User Manual
Tony Khoury
0% (1)
The OAuth 2.0 Authorization Framework
Document48 pages
The OAuth 2.0 Authorization Framework
dammsd
100% (1)
The Oauth 2.0 Authorization Framework Draft-Ietf-Oauth-V2-27
Document48 pages
The Oauth 2.0 Authorization Framework Draft-Ietf-Oauth-V2-27
alfa2514
No ratings yet
OpenMic ISAM API Protection 16aug2017
Document24 pages
OpenMic ISAM API Protection 16aug2017
gheodan
100% (1)
CON4990 - Candido Da Silva-JavaOne 2014 - Securing RESTful Resources With OAuth2
Document38 pages
CON4990 - Candido Da Silva-JavaOne 2014 - Securing RESTful Resources With OAuth2
Edwin Santiago Cabrejos
No ratings yet
Broken Cryptography: Account Takeovers
Document28 pages
Broken Cryptography: Account Takeovers
Robin Talaohu
No ratings yet
User Authorization: One Way To Perform Session Tracking Is To Leverage The Information That Comes With
Document1 page
User Authorization: One Way To Perform Session Tracking Is To Leverage The Information That Comes With
Lakshmi Pujari
No ratings yet
REST Authentication
Document21 pages
REST Authentication
Santanu Seth
No ratings yet
Session Tracking
Document2 pages
Session Tracking
Lakshmi Pujari
No ratings yet
Apigility: Home Video Download
Document9 pages
Apigility: Home Video Download
Julio Cezar Almeida Santos
No ratings yet
Analytical Exposition Text Interactive Worksheet 2
Document1 page
Analytical Exposition Text Interactive Worksheet 2
CHELSI EKA RHAMADANI
No ratings yet
HP Smart Update Manager Release Notes
Document22 pages
HP Smart Update Manager Release Notes
Manoj Kumar
No ratings yet
JPNR - Regular Issue 02, 2023 - 103
Document8 pages
JPNR - Regular Issue 02, 2023 - 103
Nuhu Iddriss
No ratings yet
Load balancer routes requests
Document2 pages
Load balancer routes requests
fsussan
100% (1)
Japan Exchange Group: A Cinnober Customer Case
Document4 pages
Japan Exchange Group: A Cinnober Customer Case
I S
No ratings yet
LinuxSDK Document
Document19 pages
LinuxSDK Document
Joao Thome
No ratings yet
Mandatory Skill - Student Form - Arduino
Document6 pages
Mandatory Skill - Student Form - Arduino
David
No ratings yet
Modulante
Document23 pages
Modulante
VBP
No ratings yet
WR VX Simulator Users Guide 6.1
Document114 pages
WR VX Simulator Users Guide 6.1
Tito Johnson
No ratings yet
Stata 1
Document45 pages
Stata 1
Chu Bundy
No ratings yet
APQP Overview Webinar 7NOV2018 - SCMH
Document51 pages
APQP Overview Webinar 7NOV2018 - SCMH
Alejandro R Ferreira Tostado
No ratings yet
Websphere MQ Tutorial For Beginners
Document13 pages
Websphere MQ Tutorial For Beginners
salman786x
100% (1)
Blockchain and AI For Data Security in Distributed Systems
Document6 pages
Blockchain and AI For Data Security in Distributed Systems
IJRASETPublications
No ratings yet
MANERCOS, A New Tool Providing Ergonomics in A Concurrent Engineering Design Life Cycle
Document6 pages
MANERCOS, A New Tool Providing Ergonomics in A Concurrent Engineering Design Life Cycle
Dimas Surya Prakarsa
No ratings yet
3600 User - S Manual PDF
Document34 pages
3600 User - S Manual PDF
KỲ DUYÊN
No ratings yet
D61762GC31 Les01
Document25 pages
D61762GC31 Les01
henry eduardo
No ratings yet
FGC Team Greece Eng Book v3
Document28 pages
FGC Team Greece Eng Book v3
api-656115276
No ratings yet
Integration Broker Setup and Verification
Document15 pages
Integration Broker Setup and Verification
Rajendra Pilluda
No ratings yet
Brabender Plasti-Corder Lab-Station Brabender Plastograph EC
Document4 pages
Brabender Plasti-Corder Lab-Station Brabender Plastograph EC
Leon Chicho
No ratings yet
FMB Firmware Errata - Wiki Knowledge Base - Teltonika GPS
Document14 pages
FMB Firmware Errata - Wiki Knowledge Base - Teltonika GPS
Brayan Alvarez
No ratings yet
Tle Css Reviewer
Document4 pages
Tle Css Reviewer
Hannah Ataza
100% (1)
10136-Research Instrument-30957-1-10-20200818
Document11 pages
10136-Research Instrument-30957-1-10-20200818
richa arbina
No ratings yet
Harvard Archi
Document10 pages
Harvard Archi
Win Revans
No ratings yet
Introduction To SD Access
Document28 pages
Introduction To SD Access
g
100% (1)
BioFire FilmArray Torch Manual
Document67 pages
BioFire FilmArray Torch Manual
Huỳnh Châu
No ratings yet
CHENNAI-Companies and Consultants
Document23 pages
CHENNAI-Companies and Consultants
api-3697677
67% (3)
HD - Human Design Project HDDB
Document1 page
HD - Human Design Project HDDB
lkphilip
No ratings yet
Learning Management System For LPU-Laguna
Document21 pages
Learning Management System For LPU-Laguna
Tea
No ratings yet
About S VB Briefly 16112012
Document26 pages
About S VB Briefly 16112012
Ajay Kumar Mattupalli
No ratings yet
Ed 15112
Document109 pages
Ed 15112
lich
No ratings yet