Amazon Ads

Wednesday, May 25, 2011

OAuth - A Brief Introduction

Oauth is the rescue mechanism when you want to share some of your data with another site or software without sharing the credentials for accessing your data. For e.g. If you want to share your photos that are private on Picasa without sharing your Picasa credentials with a Photo Studio for printing, OAuth comes to your rescue.


OAuth allows this by handing out a token to the requesting site instead of sharing the login credentials itself.

The token itself can define access to which site for which specific resources and for a defined duration.

This requires implementation from the accessing site as well as the site having the resources to share with the accessing site along with the device being used for the access.


1. User logs in to the Resource Accessing site (Consumer) like a print studio’s site


2. User places an order for print of photos stored in another site (Service Provider Site).

3. The Consumer site redirects the user to the Service Provider site

4. At the 2nd site, the user signs into the account where the site questions if the user certainly wants to share the resources with the origin site. On agreeing, the service provider site creates a token with information on what resources can be accessed for how long and

5. Then the token is shared with the Consumer site

6. Based on the token provided, the Consumer site can access the resources from the Provider site.


So, in this whole process the user did not have to share the login credentials at any point of time with the consumer site. This is the biggest advantage of the OAuth mechanism and is widely used by all the major social networking sites currently.


This helps in reducing the problem of having sharing resources across sites without sharing the user credentials between them.

In the OAuth Parlance, the following jargon are equivalent:


1. User a.k.a. Resource Owner

2. Service Provider a.k.a Server

3. Consumer a.k.a Client