Let’s talk OAuth @RSAConference

A lot has changed about the state of OAuth since I last presented at RSA Conference. Last year, the enterprise was screaming for standardized mechanics to provide access control to their APIs. Back then, OAuth was merely on the Enterprise Architect’s radar. It’s now safe to say that OAuth 2.0 is poised to fill this gap.

OAuth 2.0 is rich –different token types to accommodate different styles. The ‘bearer’ token type provides the simplicity of cookies, the ‘mac’ token type provides the security of hmac signatures. OAuth 2.0 also defines many different flows to accommodate different situations, involving either two or three parties.

Because this rising standard addresses so many use cases, the infrastructure supporting it must remain flexible to cover all of the benefits.

Let’s talk OAuth, see you @RSAConference London, Oct 13 2011 STAR-305.

About these ads

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: