Understanding OAuth : The Idea
OAuth is used by big internet companies around the world to give access to their API. If you are developing applications for Google, Twitter, Facebook, you will encounter OAuth when developing your apps. So, what exactly is OAuth ?
A great illustration for this is the Valet Key for the Web from Eran Hammer-Lahav :
“Many luxury cars come with a valet key. It is a special key you give the parking attendant and unlike your regular key, will only allow the car to be driven a short distance while blocking access to the trunk and the onboard cell phone. Regardless of the restrictions the valet key imposes, the idea is very clever. You give someone limited access to your car with a special key, while using another key to unlock everything else.”
The main advantage of OAuth is granting limited access.
This is useful in today digital playground. Interaction between internet services are becoming common place.
OAuth fills in the gap perfectly. It enables internet services to interact with each other with their user approvals. At the same time, limiting the data exchange, so protecting their unique advantage.
For Service Provider, OAuth makes it easy for users to use their service by importing user data from another service supporting OAuth.
For User, they can easily get things done by exporting their data from one service provider to another without the need to manually copy the data.
At the same time, User do not have to create username and password for individual websites.
So, it is a win-win situation.