OAuth Overview

Justin James

@digitaldrummerj

 

What is OAuth 2.0?

An open protocol to allow secure authorization in a simple and standard method from web, mobile and desktop applications.

OAuth 2.0 Roles

Resource Owner: the person/app that holds the data to be shared

Resource Server: the application that holds the resources

Authorization Server: app that verifies the identity of the users.

Client: app that makes the request to the RS on behalf of the RO

I want to see projects

Hey Back&, could you please give me a list of projects?

This is a protected resource.  You will need to present me an access token

Hey Github, can I get an access token please? 

Back& is asking

Sure, just need to ask a few details to the user first

Could you please provide me your credentials?  I need to verify your identity

No problem.  I am justin@ionic-az.org and my password is ****

The user is who he claims to be.  Here is your access token: 
hjC07IK5AS65WjPxL8TZJQgH2hcTtaAg8QDo5mIizM3wRrYO2w30qaYYvN0YLqyq

Hi Back&, this is my token
hjC07IK5AS65WjPxL8TZJQgH2hcTtaAg8QDo5mIizM3wRrYO2w30qaYYvN0YLqyq

Hi, I have been given
hjC07IK5AS65WjPxL8TZJQgH2hcTtaAg8QDo5mIizM3wRrYO2w30qaYYvN0YLqyq

Could you please tell me who it belongs to?

Sure.  The token is still valid and belongs to justin@ionic-az.org

Here is your list of projects

Here is your list of projects

OAuth is a delegation protocol, as in the Client has no idea about the credentials of the Resource Owner

Example Token Response


{
 "access_token": "RsT5OjbzRn430zqMLgV3Ia",
 "token_type": "Bearer",
 "expires_in": 3600,
 "refresh_token": "e1qoXg7Ik2RRua48lXIV"
}
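
The exchange above, as an added Python sketch that is not part of the original slides: the Resource Server hands out projects only after asking the Authorization Server whether the bearer token is still active and whom it belongs to, and the password is seen by the Authorization Server alone. Class names, the in-memory stores, and the sample password and project list are assumptions made for illustration.

```python
import hmac
import secrets
import time

class AuthorizationServer:
    """Verifies the Resource Owner and issues / introspects opaque tokens."""
    def __init__(self, users, clock=time.time):
        self._users = users      # username -> password (constructed demo data; store hashes in practice)
        self._tokens = {}        # access_token -> (username, expiry timestamp)
        self._clock = clock

    def issue_token(self, username, password, ttl=3600):
        # Only the Authorization Server ever sees the Resource Owner's password.
        expected = self._users.get(username)
        if expected is None or not hmac.compare_digest(expected.encode(), password.encode()):
            raise PermissionError("invalid credentials")
        token = secrets.token_urlsafe(32)
        self._tokens[token] = (username, self._clock() + ttl)
        return {"access_token": token, "token_type": "Bearer", "expires_in": ttl}

    def introspect(self, token):
        # "Is this token still valid, and who does it belong to?"
        entry = self._tokens.get(token)
        if entry is None or self._clock() >= entry[1]:
            return {"active": False}
        return {"active": True, "username": entry[0]}

class ResourceServer:
    """Holds the projects; trusts only what the Authorization Server reports."""
    def __init__(self, auth_server, projects):
        self._as = auth_server
        self._projects = projects    # username -> list of project names

    def list_projects(self, authorization_header):
        scheme, _, token = (authorization_header or "").partition(" ")
        if scheme.lower() != "bearer" or not token:
            return 401, "access token required"
        info = self._as.introspect(token)
        if not info["active"]:
            return 401, "token invalid or expired"
        return 200, self._projects.get(info["username"], [])

if __name__ == "__main__":
    auth = AuthorizationServer({"justin@ionic-az.org": "constructed-password"})
    api = ResourceServer(auth, {"justin@ionic-az.org": ["demo-project"]})
    tok = auth.issue_token("justin@ionic-az.org", "constructed-password")
    print(api.list_projects("Bearer " + tok["access_token"]))   # accepted
    print(api.list_projects("Bearer not-a-real-token"))         # rejected
```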

thank you

I'm Justin.

 

@digitaldrummerj - digitaldrummerj@gmail.com

http://digitaldrummerj.me
