JavaScript oAuth
www.codeproject.com
on 05/01/2013
Excerpt: With most modern applications now using HTML and JavaScript, it is very much a wise idea so you keep up with the current trend. Some major entities provide APIs for various reasons which include client authentication and authorization. A popular feature being used for authentication in websites today is "Single Sign-on". This give users the ability to sign into your website using other identity providers especially those from social media websites. This article will demonstrate a simple way of integrating this feature for three major identity providers into your website using purely JavaScript.... read the full post.
Tags: API-Evangelist, API-Stack, JavaScript, OAuth
Node.js OAuth1.0 and OAuth2.0: Twitter API v1.1 Examples | Web App Log
www.webapplog.com
on 04/22/2013
Excerpt: Recently we had to work on modification to accommodate Twitter API v1. 1. The main difference between Twitter API v1. 1 and, soon to be deprecated, Twitter API v1. 0 is that most of the REST API endpoints now require user or application context. In other words, each call needs to be performed via OAuth 1. 0A or OAuth 2. 0 authentication. At Storify we run everything on Node. js so it was natural that we used oauth module by Ciaran Jessup: NPM and GitHub. It’s mature and supports all the needed functionality but lacks any kind of examples and/or interface documentation. Here are the examples of calling Twitter API v1. 1, and a list of methods. I hope that nobody will have to dig through the oauth module source code anymore!... read the full post.
Tags: API-Evangelist, API-Stack, Node.js, OAuth, Twitter
Box Platform Developer Documentation
developers.box.com
on 04/04/2013
Excerpt: Apps connect to Box using OAuth 2, the standard used by most APIs for authenticating and authorizing users. The following walkthrough will show you how to authenticate a user to use the Box API with OAuth 2. There are also client libraries available in a number of languages that you might find useful. Testing: When your app is set to ‘Development’ mode, you can set your redirect_uri to the following local http endpoints: http://127. 0. 0. 1, http://0. 0. 0. 0, and http://localhost. Before you can start using OAuth2 with your application, you’ll need to tell Box a bit of information about your application
Register your application here. Set your redirect url
Select your scope
Make a note of both your client_id and client_secret.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Showcase
oauth/access_token Stopped working today | Twitter Developers
dev.twitter.com
on 04/04/2013
Excerpt: Building an app that has been working for 3 months now, up to and including last night. No changes made to any code, but today I cannot successfully use oauth/access_token. I receive error 401:
As I said, I have not changed anything and this worked as of 3AM last night. What's going on? 4 days 14 hours ago Login to post comments
There are two aspects to the change -- both are mandatory parts of the OAuth 1. 0A spec that we've been lenient with in the past:
You must pass an oauth_callback value to oauth/request_token. It's not optional. Even if you have one already set on dev. twitter. com. If you're doing out of band OAuth, pass oauth_callback=oob.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Security, Twitter
Twitter / MYOBapi: Early morning whiteboard thinking ...
twitter.com
on 04/04/2013
Excerpt: When you tweet with a location, Twitter stores that location. You can switch location on/off before each Tweet and always have the option to delete your location history. Learn more
Not on Twitter?... read the full post.
Tags: API-Evangelist, API-Stack, Documentation, How-To, Learning, OAuth
New California "Right to Know" Act Would Let Consumers Find Out Who Has Their Personal Data -- And Get a Copy of It | Electronic Frontier Foundation
www.eff.org
on 04/02/2013
Excerpt: Let’s face it: most of us have no idea how companies are gathering and sharing our personal data. Colossal data brokers are sucking up personal facts about Americans from sources they refuse to disclose. Digital giants like Facebook are teaming up with data brokers in unsettling new ways. Privacy policies for companies are difficult to read at best and can change in a heartbeat. And even savvy users are unlikely to fend off the snooping eyes of online trackers working to build profiles of our interests and web histories. So what can we do about it?... read the full post.
Tags: API-Voice, Data, OAuth, Privacy, Story
Explaining How Your API Uses OAuth
blog.programmableweb.com
on 03/26/2013
Excerpt: This guest post comes from Peter Gruenbaum , founder of SDK Bridge , a company that writes API documentation so that your developers don’t have to. He has worked as an API writer to describe APIs for eCommerce, traffic prediction, electric utilities, mobile phones, and tractors, just to name a few. OAuth is becoming a very popular way to control authorized access to Web APIs and the data that they return. Although it’s one of the most straightforward ways to accomplish this, it’s still rather confusing to use. If your API uses OAuth, then you need to be able to describe it so that developers can quickly understand what they need to do. OAuth can be a very complex topic, and not all developers are familiar with it.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Security
LinkedIn Platform Launches OAuth 2.0
developer.linkedin.com
on 02/21/2013
Excerpt: Kamyar Mohager, Feb 21, 2013 At LinkedIn, one of our three key product goals is simplicity. Unfortunately, many developers have found OAuth 1. 0a to be anything but simple. While secure, it has some complexities that can make it difficult for developers to successfully create applications on the LinkedIn Platform. We've heard from our community about their interest in OAuth 2. 0, and we have wanted to provide it to you for a long time. After careful evaluation and analysis over the current state of the OAuth 2. 0 specification, we now feel confident that OAuth 2. 0 is sufficiently mature. That's why we're happy to announce OAuth 2. 0 for LinkedIn APIs.... read the full post.
Tags: API-Evangelist, API-Stack, LinkedIn, OAuth, Security, Social Networking
John Sheehan : The Good and the Bad of OAuth 2.0 Authorization Implementations
john-sheehan.com
on 01/27/2013
Excerpt: While testing out a new tool I’m working on that uses a variety of OAuth2 providers and thought I’d catalog some of the quirks I came across. This is just for the authorization flow, not for actually making requests once you’ve secured a token. Now that the OAuth2 spec is solidified we should start seeing less and less of these issues. Good: The APIs Console is one of the best out there. My favorite feature: allowing you to specify multiple callback URLs for a single app. This makes testing different environments way easier because you don’t need to go back and constantly edit the callback URL value. Good: The OAuth 2. 0 Playground is fantastic. It will show you all the HTTP requests that are made for a standard auth flow.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth
How to Think About OAuth
www.tbray.org
on 01/25/2013
Excerpt: I’m not a deep OAuth 2. 0 expert yet; at this point that label is reserved for the (substantial number of) people who wrote the specs. But I’ve worked with a few implementations and talked it over with smart people, and I have opinions. Summary: It’s a framework not a protocol, it has irritating problems, and it’s really very useful. Real Internet Protocols · I mean things like HTTP and SMTP; plug a client and a server into each other and if it doesn’t Just Work, that’s surprising. OAuth 2. 0 isn’t one of those; the language of the spec is full of “Out of scope” and “At the discretion of the implementor”.... read the full post.
Tags: API-Evangelist, API-Stack, Bray, Googlereader, Ifttt, OAuth, ongoing, Tim
Excerpt: Recently we had to work on modification to accommodate Twitter API v1. 1. The main difference between Twitter API v1. 1 and, soon to be deprecated, Twitter API v1. 0 is that most of the REST API endpoints now require user or application context. In other words, each call needs to be performed via OAuth 1. 0A or OAuth 2. 0 authentication. At Storify we run everything on Node. js so it was natural that we used oauth module by Ciaran Jessup: NPM and GitHub. It’s mature and supports all the needed functionality but lacks any kind of examples and/or interface documentation. Here are the examples of calling Twitter API v1. 1, and a list of methods. I hope that nobody will have to dig through the oauth module source code anymore!... read the full post.
Tags: API-Evangelist, API-Stack, Node.js, OAuth, Twitter
Box Platform Developer Documentation
developers.box.com
on 04/04/2013
Excerpt: Apps connect to Box using OAuth 2, the standard used by most APIs for authenticating and authorizing users. The following walkthrough will show you how to authenticate a user to use the Box API with OAuth 2. There are also client libraries available in a number of languages that you might find useful. Testing: When your app is set to ‘Development’ mode, you can set your redirect_uri to the following local http endpoints: http://127. 0. 0. 1, http://0. 0. 0. 0, and http://localhost. Before you can start using OAuth2 with your application, you’ll need to tell Box a bit of information about your application
Register your application here. Set your redirect url
Select your scope
Make a note of both your client_id and client_secret.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Showcase
oauth/access_token Stopped working today | Twitter Developers
dev.twitter.com
on 04/04/2013
Excerpt: Building an app that has been working for 3 months now, up to and including last night. No changes made to any code, but today I cannot successfully use oauth/access_token. I receive error 401:
As I said, I have not changed anything and this worked as of 3AM last night. What's going on? 4 days 14 hours ago Login to post comments
There are two aspects to the change -- both are mandatory parts of the OAuth 1. 0A spec that we've been lenient with in the past:
You must pass an oauth_callback value to oauth/request_token. It's not optional. Even if you have one already set on dev. twitter. com. If you're doing out of band OAuth, pass oauth_callback=oob.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Security, Twitter
Twitter / MYOBapi: Early morning whiteboard thinking ...
twitter.com
on 04/04/2013
Excerpt: When you tweet with a location, Twitter stores that location. You can switch location on/off before each Tweet and always have the option to delete your location history. Learn more
Not on Twitter?... read the full post.
Tags: API-Evangelist, API-Stack, Documentation, How-To, Learning, OAuth
New California "Right to Know" Act Would Let Consumers Find Out Who Has Their Personal Data -- And Get a Copy of It | Electronic Frontier Foundation
www.eff.org
on 04/02/2013
Excerpt: Let’s face it: most of us have no idea how companies are gathering and sharing our personal data. Colossal data brokers are sucking up personal facts about Americans from sources they refuse to disclose. Digital giants like Facebook are teaming up with data brokers in unsettling new ways. Privacy policies for companies are difficult to read at best and can change in a heartbeat. And even savvy users are unlikely to fend off the snooping eyes of online trackers working to build profiles of our interests and web histories. So what can we do about it?... read the full post.
Tags: API-Voice, Data, OAuth, Privacy, Story
Explaining How Your API Uses OAuth
blog.programmableweb.com
on 03/26/2013
Excerpt: This guest post comes from Peter Gruenbaum , founder of SDK Bridge , a company that writes API documentation so that your developers don’t have to. He has worked as an API writer to describe APIs for eCommerce, traffic prediction, electric utilities, mobile phones, and tractors, just to name a few. OAuth is becoming a very popular way to control authorized access to Web APIs and the data that they return. Although it’s one of the most straightforward ways to accomplish this, it’s still rather confusing to use. If your API uses OAuth, then you need to be able to describe it so that developers can quickly understand what they need to do. OAuth can be a very complex topic, and not all developers are familiar with it.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Security
LinkedIn Platform Launches OAuth 2.0
developer.linkedin.com
on 02/21/2013
Excerpt: Kamyar Mohager, Feb 21, 2013 At LinkedIn, one of our three key product goals is simplicity. Unfortunately, many developers have found OAuth 1. 0a to be anything but simple. While secure, it has some complexities that can make it difficult for developers to successfully create applications on the LinkedIn Platform. We've heard from our community about their interest in OAuth 2. 0, and we have wanted to provide it to you for a long time. After careful evaluation and analysis over the current state of the OAuth 2. 0 specification, we now feel confident that OAuth 2. 0 is sufficiently mature. That's why we're happy to announce OAuth 2. 0 for LinkedIn APIs.... read the full post.
Tags: API-Evangelist, API-Stack, LinkedIn, OAuth, Security, Social Networking
John Sheehan : The Good and the Bad of OAuth 2.0 Authorization Implementations
john-sheehan.com
on 01/27/2013
Excerpt: While testing out a new tool I’m working on that uses a variety of OAuth2 providers and thought I’d catalog some of the quirks I came across. This is just for the authorization flow, not for actually making requests once you’ve secured a token. Now that the OAuth2 spec is solidified we should start seeing less and less of these issues. Good: The APIs Console is one of the best out there. My favorite feature: allowing you to specify multiple callback URLs for a single app. This makes testing different environments way easier because you don’t need to go back and constantly edit the callback URL value. Good: The OAuth 2. 0 Playground is fantastic. It will show you all the HTTP requests that are made for a standard auth flow.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth
How to Think About OAuth
www.tbray.org
on 01/25/2013
Excerpt: I’m not a deep OAuth 2. 0 expert yet; at this point that label is reserved for the (substantial number of) people who wrote the specs. But I’ve worked with a few implementations and talked it over with smart people, and I have opinions. Summary: It’s a framework not a protocol, it has irritating problems, and it’s really very useful. Real Internet Protocols · I mean things like HTTP and SMTP; plug a client and a server into each other and if it doesn’t Just Work, that’s surprising. OAuth 2. 0 isn’t one of those; the language of the spec is full of “Out of scope” and “At the discretion of the implementor”.... read the full post.
Tags: API-Evangelist, API-Stack, Bray, Googlereader, Ifttt, OAuth, ongoing, Tim
Excerpt: Building an app that has been working for 3 months now, up to and including last night. No changes made to any code, but today I cannot successfully use oauth/access_token. I receive error 401: As I said, I have not changed anything and this worked as of 3AM last night. What's going on? 4 days 14 hours ago Login to post comments There are two aspects to the change -- both are mandatory parts of the OAuth 1. 0A spec that we've been lenient with in the past: You must pass an oauth_callback value to oauth/request_token. It's not optional. Even if you have one already set on dev. twitter. com. If you're doing out of band OAuth, pass oauth_callback=oob.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Security, Twitter
Twitter / MYOBapi: Early morning whiteboard thinking ...
twitter.com
on 04/04/2013
Excerpt: When you tweet with a location, Twitter stores that location. You can switch location on/off before each Tweet and always have the option to delete your location history. Learn more
Not on Twitter?... read the full post.
Tags: API-Evangelist, API-Stack, Documentation, How-To, Learning, OAuth
New California "Right to Know" Act Would Let Consumers Find Out Who Has Their Personal Data -- And Get a Copy of It | Electronic Frontier Foundation
www.eff.org
on 04/02/2013
Excerpt: Let’s face it: most of us have no idea how companies are gathering and sharing our personal data. Colossal data brokers are sucking up personal facts about Americans from sources they refuse to disclose. Digital giants like Facebook are teaming up with data brokers in unsettling new ways. Privacy policies for companies are difficult to read at best and can change in a heartbeat. And even savvy users are unlikely to fend off the snooping eyes of online trackers working to build profiles of our interests and web histories. So what can we do about it?... read the full post.
Tags: API-Voice, Data, OAuth, Privacy, Story
Explaining How Your API Uses OAuth
blog.programmableweb.com
on 03/26/2013
Excerpt: This guest post comes from Peter Gruenbaum , founder of SDK Bridge , a company that writes API documentation so that your developers don’t have to. He has worked as an API writer to describe APIs for eCommerce, traffic prediction, electric utilities, mobile phones, and tractors, just to name a few. OAuth is becoming a very popular way to control authorized access to Web APIs and the data that they return. Although it’s one of the most straightforward ways to accomplish this, it’s still rather confusing to use. If your API uses OAuth, then you need to be able to describe it so that developers can quickly understand what they need to do. OAuth can be a very complex topic, and not all developers are familiar with it.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Security
LinkedIn Platform Launches OAuth 2.0
developer.linkedin.com
on 02/21/2013
Excerpt: Kamyar Mohager, Feb 21, 2013 At LinkedIn, one of our three key product goals is simplicity. Unfortunately, many developers have found OAuth 1. 0a to be anything but simple. While secure, it has some complexities that can make it difficult for developers to successfully create applications on the LinkedIn Platform. We've heard from our community about their interest in OAuth 2. 0, and we have wanted to provide it to you for a long time. After careful evaluation and analysis over the current state of the OAuth 2. 0 specification, we now feel confident that OAuth 2. 0 is sufficiently mature. That's why we're happy to announce OAuth 2. 0 for LinkedIn APIs.... read the full post.
Tags: API-Evangelist, API-Stack, LinkedIn, OAuth, Security, Social Networking
John Sheehan : The Good and the Bad of OAuth 2.0 Authorization Implementations
john-sheehan.com
on 01/27/2013
Excerpt: While testing out a new tool I’m working on that uses a variety of OAuth2 providers and thought I’d catalog some of the quirks I came across. This is just for the authorization flow, not for actually making requests once you’ve secured a token. Now that the OAuth2 spec is solidified we should start seeing less and less of these issues. Good: The APIs Console is one of the best out there. My favorite feature: allowing you to specify multiple callback URLs for a single app. This makes testing different environments way easier because you don’t need to go back and constantly edit the callback URL value. Good: The OAuth 2. 0 Playground is fantastic. It will show you all the HTTP requests that are made for a standard auth flow.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth
How to Think About OAuth
www.tbray.org
on 01/25/2013
Excerpt: I’m not a deep OAuth 2. 0 expert yet; at this point that label is reserved for the (substantial number of) people who wrote the specs. But I’ve worked with a few implementations and talked it over with smart people, and I have opinions. Summary: It’s a framework not a protocol, it has irritating problems, and it’s really very useful. Real Internet Protocols · I mean things like HTTP and SMTP; plug a client and a server into each other and if it doesn’t Just Work, that’s surprising. OAuth 2. 0 isn’t one of those; the language of the spec is full of “Out of scope” and “At the discretion of the implementor”.... read the full post.
Tags: API-Evangelist, API-Stack, Bray, Googlereader, Ifttt, OAuth, ongoing, Tim
Excerpt: Let’s face it: most of us have no idea how companies are gathering and sharing our personal data. Colossal data brokers are sucking up personal facts about Americans from sources they refuse to disclose. Digital giants like Facebook are teaming up with data brokers in unsettling new ways. Privacy policies for companies are difficult to read at best and can change in a heartbeat. And even savvy users are unlikely to fend off the snooping eyes of online trackers working to build profiles of our interests and web histories. So what can we do about it?... read the full post.
Tags: API-Voice, Data, OAuth, Privacy, Story
Explaining How Your API Uses OAuth
blog.programmableweb.com
on 03/26/2013
Excerpt: This guest post comes from Peter Gruenbaum , founder of SDK Bridge , a company that writes API documentation so that your developers don’t have to. He has worked as an API writer to describe APIs for eCommerce, traffic prediction, electric utilities, mobile phones, and tractors, just to name a few. OAuth is becoming a very popular way to control authorized access to Web APIs and the data that they return. Although it’s one of the most straightforward ways to accomplish this, it’s still rather confusing to use. If your API uses OAuth, then you need to be able to describe it so that developers can quickly understand what they need to do. OAuth can be a very complex topic, and not all developers are familiar with it.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth, Security
LinkedIn Platform Launches OAuth 2.0
developer.linkedin.com
on 02/21/2013
Excerpt: Kamyar Mohager, Feb 21, 2013 At LinkedIn, one of our three key product goals is simplicity. Unfortunately, many developers have found OAuth 1. 0a to be anything but simple. While secure, it has some complexities that can make it difficult for developers to successfully create applications on the LinkedIn Platform. We've heard from our community about their interest in OAuth 2. 0, and we have wanted to provide it to you for a long time. After careful evaluation and analysis over the current state of the OAuth 2. 0 specification, we now feel confident that OAuth 2. 0 is sufficiently mature. That's why we're happy to announce OAuth 2. 0 for LinkedIn APIs.... read the full post.
Tags: API-Evangelist, API-Stack, LinkedIn, OAuth, Security, Social Networking
John Sheehan : The Good and the Bad of OAuth 2.0 Authorization Implementations
john-sheehan.com
on 01/27/2013
Excerpt: While testing out a new tool I’m working on that uses a variety of OAuth2 providers and thought I’d catalog some of the quirks I came across. This is just for the authorization flow, not for actually making requests once you’ve secured a token. Now that the OAuth2 spec is solidified we should start seeing less and less of these issues. Good: The APIs Console is one of the best out there. My favorite feature: allowing you to specify multiple callback URLs for a single app. This makes testing different environments way easier because you don’t need to go back and constantly edit the callback URL value. Good: The OAuth 2. 0 Playground is fantastic. It will show you all the HTTP requests that are made for a standard auth flow.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth
How to Think About OAuth
www.tbray.org
on 01/25/2013
Excerpt: I’m not a deep OAuth 2. 0 expert yet; at this point that label is reserved for the (substantial number of) people who wrote the specs. But I’ve worked with a few implementations and talked it over with smart people, and I have opinions. Summary: It’s a framework not a protocol, it has irritating problems, and it’s really very useful. Real Internet Protocols · I mean things like HTTP and SMTP; plug a client and a server into each other and if it doesn’t Just Work, that’s surprising. OAuth 2. 0 isn’t one of those; the language of the spec is full of “Out of scope” and “At the discretion of the implementor”.... read the full post.
Tags: API-Evangelist, API-Stack, Bray, Googlereader, Ifttt, OAuth, ongoing, Tim
Excerpt: Kamyar Mohager, Feb 21, 2013 At LinkedIn, one of our three key product goals is simplicity. Unfortunately, many developers have found OAuth 1. 0a to be anything but simple. While secure, it has some complexities that can make it difficult for developers to successfully create applications on the LinkedIn Platform. We've heard from our community about their interest in OAuth 2. 0, and we have wanted to provide it to you for a long time. After careful evaluation and analysis over the current state of the OAuth 2. 0 specification, we now feel confident that OAuth 2. 0 is sufficiently mature. That's why we're happy to announce OAuth 2. 0 for LinkedIn APIs.... read the full post.
Tags: API-Evangelist, API-Stack, LinkedIn, OAuth, Security, Social Networking
John Sheehan : The Good and the Bad of OAuth 2.0 Authorization Implementations
john-sheehan.com
on 01/27/2013
Excerpt: While testing out a new tool I’m working on that uses a variety of OAuth2 providers and thought I’d catalog some of the quirks I came across. This is just for the authorization flow, not for actually making requests once you’ve secured a token. Now that the OAuth2 spec is solidified we should start seeing less and less of these issues. Good: The APIs Console is one of the best out there. My favorite feature: allowing you to specify multiple callback URLs for a single app. This makes testing different environments way easier because you don’t need to go back and constantly edit the callback URL value. Good: The OAuth 2. 0 Playground is fantastic. It will show you all the HTTP requests that are made for a standard auth flow.... read the full post.
Tags: API-Evangelist, API-Stack, OAuth
How to Think About OAuth
www.tbray.org
on 01/25/2013
Excerpt: I’m not a deep OAuth 2. 0 expert yet; at this point that label is reserved for the (substantial number of) people who wrote the specs. But I’ve worked with a few implementations and talked it over with smart people, and I have opinions. Summary: It’s a framework not a protocol, it has irritating problems, and it’s really very useful. Real Internet Protocols · I mean things like HTTP and SMTP; plug a client and a server into each other and if it doesn’t Just Work, that’s surprising. OAuth 2. 0 isn’t one of those; the language of the spec is full of “Out of scope” and “At the discretion of the implementor”.... read the full post.
Tags: API-Evangelist, API-Stack, Bray, Googlereader, Ifttt, OAuth, ongoing, Tim
Excerpt: I’m not a deep OAuth 2. 0 expert yet; at this point that label is reserved for the (substantial number of) people who wrote the specs. But I’ve worked with a few implementations and talked it over with smart people, and I have opinions. Summary: It’s a framework not a protocol, it has irritating problems, and it’s really very useful. Real Internet Protocols · I mean things like HTTP and SMTP; plug a client and a server into each other and if it doesn’t Just Work, that’s surprising. OAuth 2. 0 isn’t one of those; the language of the spec is full of “Out of scope” and “At the discretion of the implementor”.... read the full post.
Tags: API-Evangelist, API-Stack, Bray, Googlereader, Ifttt, OAuth, ongoing, Tim
| 1 2 3 4 | Next >> |
