Authentication with OAuth 2.0

In this video, Assaf Arkin is going to give you the low-down on OAuth 2.0. Below is his description of his talk:

You're building an API and the question comes up, how to let client applications authenticate against it? Giving username/password to 3rd party client applications is a security anti-pattern. You don't want to do that. API keys are better, but confusing for the average user. So we're going to look at solving that with OAuth 2.0.

If you used Facebook Connect to allow a non-Facebook application restricted access to your Facebook account, you've used OAuth 2.0. Let's talk about what OAuth 2.0 is, how it works, and how to add support to your application/API. We'll cover authentication flows for Web apps, mobile, desktop and even command-line tools, and talk about access control patterns that are based, not on users and roles, but client applications and requested access scopes.

Below are Assaf's slides:

About this event
This event was presented by The San Francisco Ruby on Rails Group on July 27, 2011. Hosted by Storek Building. Organized and sponsored by SimpleWorker and New Relic.

Want to learn more about open source development?
Check out some of our training courses and videos.

Published July 29, 2011