With the launch of SOA Software OAuth Server, we’ve taken a huge step in the direction of providing easy, but secure, sharing of data across applications, APIs and domains. The effectiveness of an application is inhibited when the data contained in it can’t be used outside of a company’s firewall. So in creating a product that enables and supports sensible, governed and secure communication among applications and domains means that users will have a hub from which they can pull, push and broker information that’s relevant to them.
OAuth Server is more than an out-of-the-box solution for access control and ID management. We developed it into a completely flexible solution that enables the integration and usage of work that’s already been completed by other development teams in order to integrate with existing security efforts.
OAuth is an incredible useful and powerful standard. It’s also becoming increasingly understood, but not without some level of confusion among would-be users. Since we find it to be such a compelling and instructive tool, we wanted to provide additional resources to help you understand OAuth, and learn how you can put it to use for your APIs and applications. The items listed below are not necessarily endorsed by us, but we’ve checked them out and think they’ll be helpful. Let us know if you’re aware of others.
OAuth Resource Guide:
- The OAuth Bible: A great overview of signature methods, signed requests, OAuth terminology and a host of other topics.
- OAuth Wiki: If you want to get smarter about OAuth, or already know what you need, but just want a quick reference, the OAuth Wiki is a wonderful guide. Lots of good tidbits for developers who want to connect with kindred spirits.
- OAuth Discuss: The OAuth Google Group. If you need help, start here.
- The OAuth site: Framework, protocol, and tools for consumer developers and service providers. Specs for OAuth 2.0 as well.
- IETF OAuth Group: To keep up to date on developments, and have your voice heard, join the IETF working group for OAuth.
- OAuth Checklist: To ensure you’re using it correctly, refer to this handy site. Great stuff to keep your development on track and focused.
- Explaining How Your API Uses OAuth: Peter Gruenbaum, founder of SDK Bridge, wrote this explanatory piece that serves as an excellent primer on what your API is doing with OAuth.
- OAuth 2.0 Comparisons: The Good, The Bad, The Quirky: Great overview of how different APIs use OAuth, and the good, bad and odd aspects of how it’s implemented. Seeing how the big players do it is instructive.
We’ll continue to update this doc and keep you aware of learning and doing resources that will keep you informed about OAuth. We want you to understand it so you can use it and benefit from it.