OAuth

Posted October 4, 2007

"Peat" is to "OAuth" what "fat kid" is to "cheese burgers."

I am all over this action.  This is the sort of thing that kicks down the doors of traditional big business and says "we can play together, even if we don't trust each other."

Here's the description of OAuth from the draft specification:

"The OAuth protocol enables websites or applications (Consumers) to access Protected Resources from a web service (Service Provider) via an API, without requiring Users to disclose their Service Provider credentials to the Consumers. More generally, OAuth creates a freely-implementable and generic methodology for API authentication.

"An example use case is allowing printing service printer.example.com (the Consumer), to access private photos stored on photos.example.net (the Service Provider) without requiring Users to provide their photos.example.net credentials to printer.example.com."

In other words, you can build an API for your hot new web app, give your customers control who and what gets to use their data, and provide a standard way for the development community to get access to your sandbox.

This sort of thing has been done in an ad hoc manner for years, but a widely embraced open standard is what it takes to get the attention of the big kids.  So, it's time to jump on the bandwagon, folks.  This one is worth while.

I'm hot for OAuth.  And a side of fries.

comments powered by Disqus