OAuth (Open Authorization) is an open standard for authorization. It allows users to share their private resources (e.g. photos, videos, contact lists) stored on one site with another site without having to hand out their credentials, typically username and password.

OAuth allows users to hand out tokens instead of credentials to their data hosted by a given service provider. Each token grants access to a specific site (e.g. a video editing site) for specific resources (e.g. just videos from a specific album) and for a defined duration (e.g. the next 2 hours). This allows a user to grant a third party site access to their information stored with another service provider, without sharing their access permissions or the full extent of their data.

OAuth is a service that is complementary to, but distinct from, OpenID.

This book is your ultimate resource for OAuth. Here you will find the most up-to-date information, analysis, background and everything you need to know.

In easy to read chapters, with extensive references and links to get you to know all there is to know about OAuth right away, covering: OAuth, Ajax (programming), Atom (standard), Bistro Framework, Extensible Messaging and Presence Protocol, Open Cloud Computing Interface, Open Data Center Alliance, OpenDD, OpenID, Representational State Transfer, Web of Things, Access control list, Access Control Matrix, Atomic authorization, Authentication, Authorization, Bell-LaPadula model, Closed-loop authentication, Comparison of privilege authorization features, Computational trust, Context-based access control, Copy protection, Cryptographic log on, DACL, Database audit, DataLock Technology, Delegated administration, Delegation of Control, Digipass, Digital identity, Directory service, Discretionary access control, Distributed Access Control System, Draw a Secret, EAuthentication, Federated identity, Federated identity management, Form-based authentication, Global Trust Council, HERAS-AF, HTTP cookie, HTTP+HTML form-based authentication, IBM Lightweight Third-Party Authentication, IBM Tivoli Access Manager, Identity Assertion Provider, Identity driven networking, Initiative For Open Authentication, Integrated Windows Authentication, Internet Authentication Service, Java Authentication and Authorization Service, Location-based authentication, Logical access control, Login, LOMAC, Mandatory access control, MicroID, Microsoft Fingerprint Reader, Mobilegov, Multi-factor authentication, Mutual authentication, NemID, NIST RBAC model, Numina Application Framework, Object-capability model, One-time authorization code, One-time password, Organisation-based access control, PassWindow, Pre-boot authentication, Registered user, Restricting Access to Databases, Richacls, Risk-based authentication, Role hierarchy, Rootkit, Salute picture, SAML-based products and services, Secure attention key, Security Assertion Markup Language, Security question, Security store, Security token, Single sign-on, SiteKey, Software token, Spring Security, Strong authentication, Subscriber Identity Module, Time-based One-time Password Algorithm, Transaction authentication, Transaction authentication number, Tripcode, TUPAS, Two-factor authentication, Universal controls, Vidoop, Voms, Wilmagate, Windows credentials.

This book explains in-depth the real drivers and workings of OAuth. It reduces the risk of your technology, time and resources investment decisions by enabling you to compare your understanding of OAuth with the objectivity of experienced professionals.