SlideShare a Scribd company logo

open id & o-auth

P
Paul Fryer

OpenID and OAuth are authentication and authorization protocols that allow users to verify their identity and grant access to personal data across different websites and applications. OpenID is used for authentication by verifying a user's identity, while OAuth allows users to grant third-party applications access to their account information without sharing credentials. Many major websites like Facebook, Twitter, and Google implement these protocols to allow sign-in and data sharing between platforms. Developers can also add support for OpenID and OAuth through open-source libraries for various programming languages.

1 of 10
Downloaded 16 times
1
2
3
4
5
6
7
8
9
10
Open ID & OAuth Paul Fryer June 2011
What we’ll cover • What is OpenID and OAuth? • Where and why are these used? • “In the wild” examples. • Source code examples.
What is OpenID? • OpenID is about verifying identity (authenticating). • Prevents users from having to maintain multiple identities with websites/electronic systems.
Who uses OpenID? • You probably already have an OpenID. • Most of the major web players have an implementation. • You can provide your own implementation.
How does OpenID Work? 1. What’s your OpenID? 2. User enters OpenID. 3. Request the OpenID Provider page. 4. Provider returns page with openid.server and, optionally, openid.delegate. 5. Build URL and make request to OpenID server. 6. OpenID server presents login screen. 7. User provides credentials. 8. OpenID server asks user to authorize use. 9. User responds to authorization request. 10. User redirected to success or failure URL. 11. Appropriate page is rendered depending on success or failure.
What is OAuth? • OAuth is about authorizing 3rd party sites to access user information. • Allows sharing of user data with other systems without providing credentials to the other systems.
Who uses OAuth? • Most major web players. • Facebook, Twitter, Google, Flickr, more.. • You can too! Just download an open source library for your programming language of choice (Dot Net, Cold Fusion, Lisp, Java, JavaScript, Objective C, Perl, Ocaml, PHP, Ruby, Python, Erlang, more..)
open id & o-auth
Live Example • Stackoverflow.com • Built on
Source Code Examples • Examples using the Dot Net Open Auth library. • ASP.Net MVC example using OpenID. • ASP.Net Web Forms example using OAuth.

More Related Content

PDF
Oauth Behind The Scenes
Thang Tran Duc
 
PPTX
Open id & OAuth
Paul Fryer
 
PDF
REST APIs in the context of single-page applications
yoranbe
 
PPTX
Owasp healthcare cms
uisgslide
 
PPT
Gartner application architecture summit 2011
Paul Fryer
 
PPT
How alerts work
Paul Fryer
 
PPTX
Understanding cil & dynamic assemblies
Paul Fryer
 
PPTX
Web Sockets
Paul Fryer
 
Oauth Behind The Scenes
Thang Tran Duc
 
Open id & OAuth
Paul Fryer
 
REST APIs in the context of single-page applications
yoranbe
 
Owasp healthcare cms
uisgslide
 
Gartner application architecture summit 2011
Paul Fryer
 
How alerts work
Paul Fryer
 
Understanding cil & dynamic assemblies
Paul Fryer
 
Web Sockets
Paul Fryer
 

Similar to open id & o-auth (20)

PDF
OAuth
Iván Fernández Perea
 
PPT
Facebook_Oauth
Akshay Kale
 
PPT
Facebook_Oauth
Akashy Kale
 
PDF
Introduction To Open Web Protocols
Mohan Krishnan
 
KEY
Authentication Using Twitter, Google, Facebook, And More
Billy Cravens
 
PDF
Secure Webservices
Matthias Käppler
 
PPT
Implementing OpenID for Your Social Networking Site
David Keener
 
PPTX
Maintest3
Mohan Kumar Tadikimalla
 
PDF
A How-to Guide to OAuth & API Security
CA API Management
 
PDF
Server-side Java Programming
Chris Schalk
 
PDF
OpenID Connect "101" Introduction -- October 23, 2018
OpenIDFoundation
 
PPTX
MainFinalOAuth
Mohan Kumar Tadikimalla
 
PDF
Building the Social Web with OpenID
Simon Willison
 
PDF
User Management with LastUser
Kiran Jonnalagadda
 
PPT
Oauth2.0
Yasmine Gaber
 
PPTX
Lecture 20101124
Anderson Liang
 
PPT
Building and using web services with OAuth
Bruce Boughton
 
PDF
OAuth - Open API Authentication
leahculver
 
KEY
OpenID vs OAuth - Identity on the Web
Richard Metzler
 
PPTX
Maintest2
Mohan Kumar Tadikimalla
 
OAuth
Iván Fernández Perea
 
Facebook_Oauth
Akshay Kale
 
Facebook_Oauth
Akashy Kale
 
Introduction To Open Web Protocols
Mohan Krishnan
 
Authentication Using Twitter, Google, Facebook, And More
Billy Cravens
 
Secure Webservices
Matthias Käppler
 
Implementing OpenID for Your Social Networking Site
David Keener
 
Maintest3
Mohan Kumar Tadikimalla
 
A How-to Guide to OAuth & API Security
CA API Management
 
Server-side Java Programming
Chris Schalk
 
OpenID Connect "101" Introduction -- October 23, 2018
OpenIDFoundation
 
MainFinalOAuth
Mohan Kumar Tadikimalla
 
Building the Social Web with OpenID
Simon Willison
 
User Management with LastUser
Kiran Jonnalagadda
 
Oauth2.0
Yasmine Gaber
 
Lecture 20101124
Anderson Liang
 
Building and using web services with OAuth
Bruce Boughton
 
OAuth - Open API Authentication
leahculver
 
OpenID vs OAuth - Identity on the Web
Richard Metzler
 
Maintest2
Mohan Kumar Tadikimalla
 
Ad

open id & o-auth

  • 1. Open ID & OAuth Paul Fryer June 2011
  • 2. What we’ll cover • What is OpenID and OAuth? • Where and why are these used? • “In the wild” examples. • Source code examples.
  • 3. What is OpenID? • OpenID is about verifying identity (authenticating). • Prevents users from having to maintain multiple identities with websites/electronic systems.
  • 4. Who uses OpenID? • You probably already have an OpenID. • Most of the major web players have an implementation. • You can provide your own implementation.
  • 5. How does OpenID Work? 1. What’s your OpenID? 2. User enters OpenID. 3. Request the OpenID Provider page. 4. Provider returns page with openid.server and, optionally, openid.delegate. 5. Build URL and make request to OpenID server. 6. OpenID server presents login screen. 7. User provides credentials. 8. OpenID server asks user to authorize use. 9. User responds to authorization request. 10. User redirected to success or failure URL. 11. Appropriate page is rendered depending on success or failure.
  • 6. What is OAuth? • OAuth is about authorizing 3rd party sites to access user information. • Allows sharing of user data with other systems without providing credentials to the other systems.
  • 7. Who uses OAuth? • Most major web players. • Facebook, Twitter, Google, Flickr, more.. • You can too! Just download an open source library for your programming language of choice (Dot Net, Cold Fusion, Lisp, Java, JavaScript, Objective C, Perl, Ocaml, PHP, Ruby, Python, Erlang, more..)
  • 10. Source Code Examples • Examples using the Dot Net Open Auth library. • ASP.Net MVC example using OpenID. • ASP.Net Web Forms example using OAuth.