When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication?

SoCal CTO

In this post, I want to look at just the question of when it makes sense to use Facebook Connect, Twitter Oauth, OpenID, Yahoo Browser-Based Authentication, Google Friend Connect or basically any of the other authentication mechanisms.

Oauth 32

Connect to Facebook, LinkedIn, Twitter, and G+

Feld Thoughts

I wonder if this will change with Office 365 – I hope Microsoft is building a trivial to use oauth to O365 so it’s easy to connect to, along with a good sync API. Tech I Use auth facebook g+ gmail google linkedin microsoft oauth twitterI noticed something when I tried out two apps ( Mingly and Cobook ) this morning – they each immediately asked to connect me to Facebook, LinkedIn, and Twitter during their onboarding process.

API 46

Trending Sources

How OAuth Works

Constantly Learning

OAuth is protocol for delegating authentication. Before OAuth, if Alice wanted to grant Bob access to her resources, Alice would have to give Bob her credentials, usually a username and password. OAuth allows this to happen without Alice having to share her secret information. OAuth became necessary because of applications relying on another applications data to be useful. OAuth solves this problem. How OAuth 1.0 This request includes an oauth_callback.

API 0

Facebook Authentication and OAuth

Constantly Learning

We've already solved the account registration design pattern with OAuth. Rather than using OAuth to accessing resources we can use it for authenticating. Newer applications are starting to move to the OAuth Authentication design pattern to reduce signup friction. If you decide not to use OAuth for authentication you're creating a problem. I love using new applications, new apps, and new services. But, I don't like creating credentials for each of these services.

Understanding OAuth: An Overview

parand.com

startupcto

Hacker News launches API with near real-time access to site’s data

The Next Web

The API is read-only for now, but the YC-backed site could enable to private per-user info using OAuth in the future. When you have a site called Hacker News that’s a destination for developers, startups and anyone interested in the startup world, it only only makes sense to have an API.

Oauth 24

One Address Book To Rule Them All

Feld Thoughts

I’ve been through a bunch of different iterations of technology around this such as SAML, FOAF, and Oauth. I’ve completely f *d up my address book more than once, especially as I tried to wire in data from other services that use Oauth or an email address to join data across web services. It’s 2012 and the “contact information problem” is getting exponentially worse.

Oauth 59

Rethinking Mobile First

A VC : Venture Capital and Technology

Sign-up with OAuth is faster. I wrote the Mobile First Web Second blog post a few years ago. In that post, I talked about apps that were designed to be used on mobile primarily with the web as a companion. There have been a number of startups that have taken that approach and done well with it. Most notably Instagram, and also our portfolio company Foursquare. It has become a bit of a orthodoxy among the consumer social startup crowd to do mobile first and web second.

Mobile 116

Registration Form Design with Facebook, Twitter, LinkedIn Authentication

SoCal CTO

Back in January 2010, I wrote a post that's one of the most popular on this blog: When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication?

Design 102

32 Questions Developers May Have Forgot to Ask a Startup Founder

SoCal CTO

See also - When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication. Almost every day I'm talking to early stage startup founders (see Free Startup CTO Consulting Sessions ) about what they plan to do.

Is LinkedIn Intro Good, Bad, or Impossible?

Feld Thoughts

And since it uses OAuth to log in, it doesn’t even need to ask for your credentials. When LinkedIn posted LinkedIn Intro: Doing the Impossible on iOS I was intrigued. The post title was provocative (presumably as intended) and drew a lot of attention from various people in the security world. Several of these posts were deeply critical which generated another post from LinkedIn titled The Facts about LinkedIn Intro.

Oauth 98

What You Can Learn from a Scorpion

Both Sides of the Table

Being able to leverage mobile contacts on your phone gave them independence from Facebook while many other people were doing anything they could to oAuth in FB users. The hardest thing about starting a company is that from day one you emerge as this completely vulnerable entity trying its hardest to project success, power, trajectory and inevitability while you secretly know that you’re one knock-out blow from extinction.

Oauth 95

32 Questions Developers May Have Forgot to Ask a Startup Founder

SoCal CTO

See also - When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication. Almost every day I'm talking to early stage startup founders (see Free Startup CTO Consulting Sessions ) about what they plan to do.

10 Questions Your API Documentation Must Answer

Launch Any

We recommend using Github or other public source code repository, so that developers can quickly clone your examples, configure their API key or OAuth token, and try out your API. Effective communication is the most important factor for API success.

API 43

One Simple Way to Generate More Traffic for Every Blog Post

Duct Tape Marketing

For last field Callback URL use native app default – urn:ietf:wg:oauth:2.0:oob

Media 32

Top 120 Startup Posts for 2010

SoCal CTO

500 Hats , February 1, 2010 When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication? Some really great stuff in 2010 that aims to help startups around product, technology, business models, etc.

CTO 80

Startup CTO or Developer

SoCal CTO

Beyond the fuzzy, high-level questions, there are often a lot of very specific questions like do we Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication ?

CTO 87

How Online Video Companies Can Increase Margin and Build Better Businesses

Both Sides of the Table

You can ask them to come and watch your videos at your owned & operated websites (O&O) where you can make higher margins as well as ask directly for more meaningful customer information such as Facebook connections, Twitter oAuths, email addresses and the like.

Introduction to Growth Hacking for Startups

VC Cafe

APIs – Integrating with Twitter, Facebook and Google+ is essential for more than just the Oauth login. Paul Graham’s Startup Curve – avoid the “through of sorrow”! Pintrest, Facebook, Zynga, Dropbox, AirBnb… What do they all have in common?

API 62

Gluu integrates Toopher for 2FA

Austin Startup

and OpenID Connect, the soon-to-be standardized profile of OAuth 2.0. Gluu, an open source access management company, announced today that it has open-sourced the code needed to support Toopher, a location aware two-factor authentication mechanism, in its enterprise SSO and access management platform.

Why and How You Should Write REST-Centric Applications

Web 2.0 Development and Business Lessons

Although it’s not without its share of problems, we chose OAuth 2.0 Since we’re using Dojo, we created a base class that provides the following helpers: Takes care of obtaining and managing OAuth refresh and access tokens by tracking token expire times and fetching new tokens when needed. Ever since Twitter built their “New Twitter” UI on top of their existing API, the idea of incorporating the very same philosophy into my own applications resonated with me.

The Accidental API

Launch Any

How to mitigate this risk: Implement API security to restrict access to the API, using standards such as OAuth. You may wish to also consider an API management layer that implements authentication standards such as OAuth and performs data masking to protect sensitive data.

API 17

Twitter hacked – reminder of connected Twitter apps

Eric Friedman

However during the process Twitter reminded me of all the other sites/apps/services I have OAuth’d with in the past few years. I was in the 250,000 or so users who “may” have had their Twitter account compromised last week.

The Psychology of Influence in Online Startups

VC Cafe

Today it’s relatively simple to find out a lot of information about the users by having them connect to one of their social profiles using OAuth.

Oauth 44

Building Products for Mass Adoption

Both Sides of the Table

Here’s how we use oAuth to integrate the user’s social graph.

The new “getting started” with gadgets

Eric Friedman

Now however, you are greeted with ever familiar OAuth prompts for services you probably already have an account with. Setting up a digital picture frame you are asked to OAuth with Flickr. This shows a world of interconnected devices, that starts with the initial OAuth handshake. Getting started with gadgets has changed. It used to be that each electronic gizmo, phone, or device required a quick registration and understanding of their proprietary system.

Drop in some intelligent security to your startup with Castle.io

ArcticStartup

Their API works with both your home-grown login configuration or with outside tools like OAuth.

Getting Featured

David Lee

Facebook Open Graph and Twitter OAuth create immediate network effects but also make switching apps easier (i.e., Getting “featured” in the iTunes App Store or Google Play is a boon for any mobile app. It can lead to thousands or even millions of downloads in a matter of weeks. Even better, it can zoom an app to the top of the “Top” charts (most downloaded, most favorited, etc.). Therefore startups naturally covet this.

Oauth 10

The Psychology of Influence in Online Startups

VC Cafe

Today it’s relatively simple to find out a lot of information about the users by having them connect to one of their social profiles using OAuth. Hello smart entrepreneur. I know you’re a busy person, so I’ll be brief.

Oauth 28

Introducing Getsy, A Secure Command Line Interface to the Etsy API

Code as Craft

But since the OAuth protocol uses 3-legged authentication, and there are several tokens and other intricacies to handle, it makes curl very difficult to use directly. As I was working on the Etsy API last year I found it would be useful to have something similar to curl that I could quickly make API requests with using OAuth in both the sandbox and production environments. export OAUTH_CONSUMER_KEY='yourkey'. export OAUTH_CONSUMER_SECRET='yoursecret'.

Graphs

Chris Dixon

Besides creating graphs, Facebook and Twitter (via Facebook Connect and OAuth) created identity systems that are extremely useful for the creation of 3rd party graphs. It has become customary to use “ graph &# to refer to the underlying data structures at social networks like Facebook. Computer scientists call the study of graphs “ network theory ,&# but on the web the word “network&# is used to refer to the websites themselves).

Meet Waldo, Head of Corp Dev

This is going to be BIG.

You could even throw in a social proof column where the company could write who its backers are or Oauth to LinkedIn to show how closely connected it is to the principals of your partnership efforts. Back in 2005, when I was with Union Square Ventures, we changed our brochureware homepage into a blog. A few other VCs had been blogging before, but no one had gone as far as to make the whole front facing effort of their firm into something so interactive.

Experimenting with HHVM at Etsy

Code as Craft

We frequently encountered bugs and missing features in the MySQL, Memcached and OAuth extensions, among others. In 2014 Etsy’s infrastructure group took on a big challenge: scale Etsy’s API traffic capacity 20X.

PHP 29

Tradeshift Opens Up Its Arms, Brings Its Apps To Developers

ArcticStartup

Better security, iframe sources are OAuth signed, thus ensuring the servers can identify each user with their Tradeshift identity. Tradeshift , the Danish firm that has been in reports quite often here at ArcticStartup is making itself more useful with the announcement of bringing their applications to developers. To put it out more clearly, this would enable developers to build applications within the Tradeshift ecosystem.

Gluecon Is Less Than A Month Away (And Special 20% Bonus Code)

Feld Thoughts

Gluecon is now slightly less than a month away, and if you’re not going, you should. Gluecon is a phenomenal gathering of developers working in the big data, mobile, and cloud computing arenas (where the topic of the API comes up continually). Yet, Gluecon is not “expo-big,” so you’ll be able to actually interact with everyone there, and not feel like you’re drowning in a sea of people amidst a concrete hall full of vendor booths.

API First Transformation at Etsy – Concurrency

Code as Craft

The user ID is determined via the user cookie or OAuth token, dependent on the Service, which we will talk about below. At Etsy we have been doing some pioneering work with our Web APIs.

API 19

Some things that make mobile user acquisition difficult

The Equity Kicker

For a host of reasons the web is, of course, much easier, e.g. bugs can be fixed ten minutes after discovery, multiple landing pages can be tested simultaneously, the journey from email to service is very quick, connecting with OAuth is much quicker.

Subscriptions are the New BLACK. (+ why Facebook, Google, & Apple.

500 Hats

My bigger concern is around Oauth and payment solutions. I recently wrote about this in my post: When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication? Master of 500 Hats A blog about Geeks, Entrepreneurs, & Startups in Silicon Valley, by Dave McClure. The Internet Revolution, Act III.

#DefragCon 2013: Programming with Personal Clouds: A Post-Web Architecture — Phil Windley, Kynetx

Launch Any

OAuth access. Programming with Personal Clouds: A Post-Web Architecture – Phil Windley, Kynetx. Personal cloud made up of a constellation of persistent computational objects – picos. Picos have identity, storage, open-event network, processing, event channels, and APIs. “Mirror Worlds” – David Gelernter – sounds like today, written in 1993. Clouds should center around objects and people. Any programming language. Pico provides data, API.

What The Rails Security Issue Means For Your Startup

www.kalzumeus.com

Alright, let’s move down the line: Look for anybody who implements OAuth/Facebook Connect/etc. Kalzumeus Software. Patrick McKenzie (patio11) blogs on software development, marketing, and general business topics. Greatest Hits. Standing Invitation. Start Here If You’re New. About.