Skip to main content

OAuth2: The Swiss-Army Framework

Brent Shaffer (Adobe Systems Inc)
Security
D136
Average rating: *****
(5.00, 1 rating)
Slides:   1-PDF 

The first iteration of the technology we know as OAuth was a Protocol. It was immensely successful in providing third party authorization, so much that Twitter’s APIs still use it to this day. The next iteration, OAuth2, is no longer a protocol, but an Authorization Framework. Why this change in title? OAuth2 is implemented by the likes of Google, Facebook, Adobe, Salesforce, Github, and many more. It’s used to authorize mobile applications, javascript applications, and encrypted server-to-server calls. How can such large companies all use the same service? This session will focus on the miriad of ways OAuth2. We will cover the variety of grant types and their use cases, the ways the framework has been extended in the real world, and how you can implement this to enhance your own web applications.

Photo of Brent Shaffer

Brent Shaffer

Adobe Systems Inc

The tale of a young musician with his head filled with hopes and dreams who finds himself burdened with a mathematical mind and with little hopes of making it in the music world, decides to jump ship and finds he loves programming as much and maybe even more than his original passion.

Leave a Comment or Question

Help us make this conference the best it can be for you. Have questions you'd like this speaker to address? Suggestions for issues that deserve extra attention? Feedback that you'd like to share with the speaker and other attendees?

Join the conversation here (requires login)