Open authorization (or OAuth for short) is a type of token-based authentication method that allows organizations to share information across third-party services without exposing their credentials. Essentially, OAuth is the middle-man that provides third-party services with a token that allows specific account information to be shared.
In other words, OAuth is a process in which users grant websites or applications information on another website without providing their login credentials. OAuth ensures that the website requesting the information has the right permissions to access the user’s data.
You’ve probably used OAuth without even realizing it. For example, whenever you give a website permission to access your Facebook information you’re using open authorization.
With all the effort involved with signing up for a new site and joining the community, OAuth can allow things to be more casual. With people hopping around the Web more it means sites have better chances at retaining new readers and having them become return visitors, which is great for all online businesses.
OAuth helps businesses too! Without the need to create a fully robust commenting system it frees up more time and money for Website developers to work on other aspects of their site. Also, since it’s an open standard for authorization it also means an unlimited number of online associations can benefit from it without being hindered by licensing fees.
Not only does OAuth give users the power to allow sites limited access to their data, but it even allows users to control when that timeframe window is up. It’s comforting that users can choose when authorization tokens expire.
Since the advent of OAuth 2.0 – which is now the standard model – all OAuth data transfers must take place on SSL (Secure Sockets Layer) to ensure the most trusted cryptography industry protocols are being used to keep data as safe as possible.
A friend sends you a link to a funny picture or video and you want to leave a comment. The only problem is that you’ve never been to this site before and don’t have an account. While you take a few seconds to consider if it’s worth signing up for, you spot a “Sign in with your Twitter account” button