How OAuth Works

Constantly Learning

OAuth is protocol for delegating authentication. Before OAuth, if Alice wanted to grant Bob access to her resources, Alice would have to give Bob her credentials, usually a username and password. OAuth allows this to happen without Alice having to share her secret information. OAuth became necessary because of applications relying on another applications data to be useful. OAuth solves this problem. How OAuth 1.0 This request includes an oauth_callback.

Oauth 48

When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication?

SoCal CTO

In this post, I want to look at just the question of when it makes sense to use Facebook Connect, Twitter Oauth, OpenID, Yahoo Browser-Based Authentication, Google Friend Connect or basically any of the other authentication mechanisms.

Oauth 313

Facebook Authentication and OAuth

Constantly Learning

We've already solved the account registration design pattern with OAuth. Rather than using OAuth to accessing resources we can use it for authenticating. Newer applications are starting to move to the OAuth Authentication design pattern to reduce signup friction. If you decide not to use OAuth for authentication you're creating a problem. I love using new applications, new apps, and new services. But, I don't like creating credentials for each of these services.

Oauth 43

Understanding OAuth: An Overview

parand.com

startupcto

Oauth 40

Connect to Facebook, LinkedIn, Twitter, and G+

Feld Thoughts

I wonder if this will change with Office 365 – I hope Microsoft is building a trivial to use oauth to O365 so it’s easy to connect to, along with a good sync API. Tech I Use auth facebook g+ gmail google linkedin microsoft oauth twitterI noticed something when I tried out two apps ( Mingly and Cobook ) this morning – they each immediately asked to connect me to Facebook, LinkedIn, and Twitter during their onboarding process.

Oauth 144

Why Twitter’s API Changes Screws Startups – And Twitter

YoungUpstarts

As you may know, Twitter changes the rules for oAuth requests as well as a few minor things for apps using Twitter’s services. Now one of the things that makes my startup, Twythm ( [link] ), different is that you don’t have to authorize with Twitter using oAuth.

API 72

The Always Logged In Experience

A VC : Venture Capital and Technology

Think about OAuth and Facebook Connect and Sign In With Twitter and other similar techniques for signing into and connecting to apps. Is there a mobile implementation of oauth that doesn't require a browser session to do the auth? Last week I blogged about mobile notifications which I think is a big game changer. There are a few other aspects of the mobile experience that I think present great opportunity. Another one is the always logged in experience.

Oauth 170

One Address Book To Rule Them All

Feld Thoughts

I’ve been through a bunch of different iterations of technology around this such as SAML, FOAF, and Oauth. I’ve completely f *d up my address book more than once, especially as I tried to wire in data from other services that use Oauth or an email address to join data across web services. It’s 2012 and the “contact information problem” is getting exponentially worse.

Oauth 168

The new “getting started” with gadgets

Eric Friedman

Now however, you are greeted with ever familiar OAuth prompts for services you probably already have an account with. Setting up a digital picture frame you are asked to OAuth with Flickr. This shows a world of interconnected devices, that starts with the initial OAuth handshake. Getting started with gadgets has changed. It used to be that each electronic gizmo, phone, or device required a quick registration and understanding of their proprietary system.

Oauth 52

How to Send Emails in WordPress with Gmail SMTP Server

Blogtrepreneur | Entrepreneur Blog

The first method uses a plugin called WP Mail SMTP while the second method is setting up Gmail SMTP using OAuth Protocol. Second method: Setting up Gmail SMTP using OAuth Protocol First of all, you would need to download and install Gmail SMTP Plugin in your WordPress website.

Email 72

Gluecon Is Less Than A Month Away (And Special 20% Bonus Code)

Feld Thoughts

Gluecon is now slightly less than a month away, and if you’re not going, you should. Gluecon is a phenomenal gathering of developers working in the big data, mobile, and cloud computing arenas (where the topic of the API comes up continually). Yet, Gluecon is not “expo-big,” so you’ll be able to actually interact with everyone there, and not feel like you’re drowning in a sea of people amidst a concrete hall full of vendor booths.

Oauth 122

Twitter hacked – reminder of connected Twitter apps

Eric Friedman

However during the process Twitter reminded me of all the other sites/apps/services I have OAuth’d with in the past few years. I was in the 250,000 or so users who “may” have had their Twitter account compromised last week.

Oauth 72

Registration Form Design with Facebook, Twitter, LinkedIn Authentication

SoCal CTO

Back in January 2010, I wrote a post that's one of the most popular on this blog: When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication?

Design 255

32 Questions Developers May Have Forgot to Ask a Startup Founder

SoCal CTO

See also - When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication. Almost every day I'm talking to early stage startup founders (see Free Startup CTO Consulting Sessions ) about what they plan to do.

Google AdSense ads to start showing +1 button

Eric Friedman

This is what the ads will look like – very similar to the Facebook “face pile” you see on sites where you have friends that have OAuthed. Google recently announced that they will be including the +1 button into AdSense ads.

Oauth 65

#DefragCon 2013: Programming with Personal Clouds: A Post-Web Architecture — Phil Windley, Kynetx

Launch Any

OAuth access. Programming with Personal Clouds: A Post-Web Architecture – Phil Windley, Kynetx. Personal cloud made up of a constellation of persistent computational objects – picos. Picos have identity, storage, open-event network, processing, event channels, and APIs. “Mirror Worlds” – David Gelernter – sounds like today, written in 1993. Clouds should center around objects and people. Any programming language. Pico provides data, API.

Oauth 46

32 Questions Developers May Have Forgot to Ask a Startup Founder

SoCal CTO

See also - When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication. Almost every day I'm talking to early stage startup founders (see Free Startup CTO Consulting Sessions ) about what they plan to do.

Gluu integrates Toopher for 2FA

Austin Startup

and OpenID Connect, the soon-to-be standardized profile of OAuth 2.0. Gluu, an open source access management company, announced today that it has open-sourced the code needed to support Toopher, a location aware two-factor authentication mechanism, in its enterprise SSO and access management platform.

Oauth 25

It’s not getting them to try, it’s getting them to buy…

47 Hats

Today with services like oAuth through Twitter and Facebook, getting visitors to join isn’t the issue – getting them to actually use your service and therefore value it and therefore pay for it is the nut you have to crack.

Oauth 186

Web services should be both federated and extensible

Chris Dixon

That would require an additional oAuth to SimpleGeo (authorizing step 4). Ideally some spec like oAuth could include the multiple authorizations in a single authorization screen. One of the most important developments of the web 2.0

API 78

Some things that make mobile user acquisition difficult

The Equity Kicker

For a host of reasons the web is, of course, much easier, e.g. bugs can be fixed ten minutes after discovery, multiple landing pages can be tested simultaneously, the journey from email to service is very quick, connecting with OAuth is much quicker.

The Glue Agenda Is Getting Awesome

Feld Thoughts

What’s up with OAuth/WRAP? I love the conferences we help sponsor ( Glue and Defrag ). Eric Norlin is a genius at putting together a specialty technology conference. He gets amazing people to attend, curates the content meticulously, isn’t afraid to try new things every year (and have some not work), and just keeps at it with single minded commitment.

Denver 114

Rethinking Mobile First

A VC : Venture Capital and Technology

Sign-up with OAuth is faster. I wrote the Mobile First Web Second blog post a few years ago. In that post, I talked about apps that were designed to be used on mobile primarily with the web as a companion. There have been a number of startups that have taken that approach and done well with it. Most notably Instagram, and also our portfolio company Foursquare. It has become a bit of a orthodoxy among the consumer social startup crowd to do mobile first and web second.

Mobile 219

Map of VC Investments

SoCal CTO

► January (5) Los Angeles Web Developer Startup CTO or Developer When to Use Facebook Connect – Twitter Oauth – Goo. skip to main | skip to sidebar SoCal CTO Friday, March 9, 2007 Map of VC Investments Found this Map of 2006 VC Investments post.

Top 120 Startup Posts for 2010

SoCal CTO

500 Hats , February 1, 2010 When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication? Some really great stuff in 2010 that aims to help startups around product, technology, business models, etc.

Is LinkedIn Intro Good, Bad, or Impossible?

Feld Thoughts

And since it uses OAuth to log in, it doesn’t even need to ask for your credentials. When LinkedIn posted LinkedIn Intro: Doing the Impossible on iOS I was intrigued. The post title was provocative (presumably as intended) and drew a lot of attention from various people in the security world. Several of these posts were deeply critical which generated another post from LinkedIn titled The Facts about LinkedIn Intro.

Oauth 172

It’s not getting them to try, it’s getting them to buy…

47 Hats

Today with services like oAuth through Twitter and Facebook, getting visitors to join isn’t the issue – getting them to actually use your service and therefore value it and therefore pay for it is the nut you have to crack.

Oauth 141

GlueCon 2013 Notes: Single Page Architectures: The API and Appification for the Web Steven Willmott, 3Scale

Launch Any

APIs form the basis for interactions with oAuth helping. Single Page Architectures: The API and Appification for the Web Steven Willmott, 3Scale (@njyx and @3scale). Plenty of toolkits available to build SPAs. Upsides – more responsive, push support, nice interfaces with similarity to mobile/desktop dev. Downsides – harder to find JS skills, need modern browsers, less tooling.

Retiring Ecto

Venture Chronicles

It also doesn’t benefit from any updates and when Twitter changed to OAuth last week the Twitter add-on I was using broke, which means I don’t ping Twitter with a “just blogged about x&# tweet when publishing. I have used Ecto to write my blog posts for almost as long as I’ve been writing this blog.

Oauth 44

Technology Roles in Startups

SoCal CTO

see When to Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication? I’ve worked with 30+ early-stage companies in all sorts of capacities (and spoken to many, many more), so I thought it might be worthwhile trying to classify the various ways that I’ve engaged in different technology roles in startups.

Etsy at Photo Hack Day!

Code as Craft

We’ll be there, and we’ll be holding office hours to help hackers with our API, PHP jQuery and OAuth. Our friends at Aviary are organizing a ginormous Photo Hack Day this Saturday the 20th, and we’re psyched to be there! What makes this hack day so amazing?

Oauth 36

Realistic Entrprenuers Guide to Venture Capital

SoCal CTO

► January (5) Los Angeles Web Developer Startup CTO or Developer When to Use Facebook Connect – Twitter Oauth – Goo.

Introducing Getsy, A Secure Command Line Interface to the Etsy API

Code as Craft

But since the OAuth protocol uses 3-legged authentication, and there are several tokens and other intricacies to handle, it makes curl very difficult to use directly. As I was working on the Etsy API last year I found it would be useful to have something similar to curl that I could quickly make API requests with using OAuth in both the sandbox and production environments. export OAUTH_CONSUMER_KEY='yourkey'. export OAUTH_CONSUMER_SECRET='yoursecret'.

API 30

Startup CTO or Developer

SoCal CTO

Beyond the fuzzy, high-level questions, there are often a lot of very specific questions like do we Use Facebook Connect – Twitter Oauth – Google Friend Connect for Authentication ?

CTO 257

What You Can Learn from a Scorpion

Both Sides of the Table

Being able to leverage mobile contacts on your phone gave them independence from Facebook while many other people were doing anything they could to oAuth in FB users. The hardest thing about starting a company is that from day one you emerge as this completely vulnerable entity trying its hardest to project success, power, trajectory and inevitability while you secretly know that you’re one knock-out blow from extinction.

Oauth 190

F2F Still Matters

SoCal CTO

► January (5) Los Angeles Web Developer Startup CTO or Developer When to Use Facebook Connect – Twitter Oauth – Goo.

Graphs

Chris Dixon

Besides creating graphs, Facebook and Twitter (via Facebook Connect and OAuth) created identity systems that are extremely useful for the creation of 3rd party graphs. It has become customary to use “ graph &# to refer to the underlying data structures at social networks like Facebook. Computer scientists call the study of graphs “ network theory ,&# but on the web the word “network&# is used to refer to the websites themselves).

Oauth 78

A modern tool for your startup: JotForm Cards

47 Hats

I choose Stripe as my payment integration and got a nice Oauth form: (Authenticating and connecting to Stripe.com.)

Oauth 164

Getting Featured

David Lee

Facebook Open Graph and Twitter OAuth create immediate network effects but also make switching apps easier (i.e., Getting “featured” in the iTunes App Store or Google Play is a boon for any mobile app. It can lead to thousands or even millions of downloads in a matter of weeks. Even better, it can zoom an app to the top of the “Top” charts (most downloaded, most favorited, etc.). Therefore startups naturally covet this.

Oauth 41

One Simple Way to Generate More Traffic for Every Blog Post

Duct Tape Marketing

For last field Callback URL use native app default – urn:ietf:wg:oauth:2.0:oob

Oauth 78

Announcing Etsy’s New API

Code as Craft

Here’s a brief overview of some of the new features of this API: Read-Write Support via OAuth The new API supports OAuth , a way of letting 3rd-party applications log into your Etsy account without requiring you to hand out your username and password (If you’ve ever used a Twitter client like Tweetie, you’ve used OAuth.) Here’s what you’ll find in the pilot API: OAuth support.

API 20

Announcing the Etsy API Handmade Code Contest

Code as Craft

We’ve added lots of new features to our API, such as OAuth and read/write methods for listings and shops, and we want you to give the shiny new bits a whirl. Seller Tools: These are applications that use the new OAuth-protected methods in Etsy’s API to help members manage their shops. What if you could help independent entrepreneurs make a living doing what they love?

API 36

Kellan Elliott-McCrea joins the Etsy team

Code as Craft

Kellan also co-authored the OAuth spec, one of the key standards on the web today. Kellan Elliott-McCrea ( blog , Twitter ) will be joining us at Etsy on Monday as VP of Engineering, here at Etsy HQ in beautiful Brooklyn (where Kellan currently lives).

Oauth 26