OAuth 2.0: Don't Throw the Baby Out with the Bathwater

In the wake of Eran Hammer's resignation from the OAuth 2.0 working group, @gbrail and @edanuff discussed the usability of OAuth 2.0 for your APIs, identifying problematic areas of the spec and understanding how to avoid them, and why rolling back to OAuth 1.0 or "rolling your own" is not a great idea.