OAuth is an open protocol that provides a standardized secure API end so that users can use this protocol to an application to allow access to its data which are managed by another application or service, without submitting any details of the user to the other application.
Terminologies associated with OAuth
Service Provider is a website or a web service , where are the information on a controlled access will be allowed. It has full control and responsibility for the implementation of OAuth. The service provider has no identity provider.
User is the owner of the information. He/She is intended to enable OAuth to control the information. OAuth is designed in an way so that only the manual release of the user allows the access to data.
Consumer is an application that provides access to the information a user wants to obtain. It can be a website, a desktop program, a mobile application, a set-top box and so forth, but must have access to the Internet.
A consumer Developer is the developer of consumer applications that interact with the service provider.
Protected Resources is the information of the user to be using OAuth, a controlled access will be allowed. These may be data, activities or the only access to a URL.
Token can be used in place of username-password combinations to access resources. A token is usually a string of letters and numbers, special characters can also be used. OAuth token has distinction between query and access token.
---
OAuth 2.0 is the current OAuth protocol and is not compatible with OAuth 1.0.
OAuth Service Providers
The below list of OAuth Service Providers uses OAuth 2.o :
- Foursquare
- github
- Microsoft Windows Live
The below list of OAuth Service Providers uses OAuth 1.o or subversion :
- MySpace
