OAuth 1.0
The OAuth 1.0 guide covers the protocol as defined by RFC 5849 and includes many corrections and improvements from previous blog posts and the original Beginner’s guide. To stay up to date about all things OAuth, check this page or subscribe.
- Introduction
- History
- Terminology
- Specification Structure
- Protocol Workflow
- Security Framwork
- Authentication
OAuth 2.0
OAuth 2.0 is a work in progress at the IETF.
Recent posts on the subject:
- OAuth 1.0 Blog Cleanup
- OAuth 2.0 Redirection URI Validation
- OAuth Bearer Tokens are a Terrible Idea
- More OAuth Nonsense
- OAuth 2.0 (without Signatures) is Bad for the Web
- Twitter a Hot Princess, Google an Empty Castle
- All This Twitter OAuth Security Nonsense
- Introducing OAuth 2.0
- Open Questions About OAuth 2.0 Authentication
- What's going on with OAuth?
- 2009 Year-End Status Report
- Sneak Peek: The Authoritative Guide to OAuth 1.0
- It's All About the Token
- OAuth 1.0 RFC Edition
- Planning for OAuth 2.0
