11436 SSO

OAuth

Digital Business
by Jen Mazzon Oct 17, 2012
Today we released a scheduled update for the Apigee API Platform, which gives free open access to the same enterprise-grade API Platform used by industry leaders like Walgreens, eBay and AT&T. This update... Read more
Today we released a scheduled update for the Apigee API Platform, which gives free open access to the same enterprise-grade API Platform used by industry leaders like Walgreens, eBay and AT&T. This update delivers the following new features and improvements: ability to understand your API traffic by location, approve keys for apps either automatically or manually, get performance metrics by API resource, a 200% improvement in OAuth performance, and more.
601
Technology
by Greg Brail Aug 16, 2012
 Thanks to all for your interest and participation in our OAuth 2.0: Don't Throw the Baby Out with the Bathwater Webcast on August 2nd. You'll find the video and slides here.There were several questions that we didn't... Read more
Thanks to all for your interest and participation in our OAuth 2.0: Don't Throw the Baby Out with the Bathwater Webcast on August 2nd. You'll find the video and slides here. There were several questions that we didn't get a chance to address in the hour so we'll follow up on them here. And we'd love to continue the conversation over on the API Craft Google group.
606
Technology
by Helen Whelan Aug 06, 2012
Thanks to all who participated in last week's Webcast, "OAuth 2.0: Don't Throw the Baby Out with the Bathwater."In the wake of Eran Hammer's resignation from the OAuth 2.0 working group, @gbrail and @edanuff discussed... Read more
Thanks to all who participated in last week's Webcast, "OAuth 2.0: Don't Throw the Baby Out with the Bathwater."In the wake of Eran Hammer's resignation from the OAuth 2.0 working group, @gbrail and @edanuff discussed the usability of OAuth 2.0 for your APIs, identifying problematic areas of the spec and understanding how to avoid them, and why rolling back to OAuth 1.0 or "rolling your own" is not a great idea.The video and slides for the session are below. There were some questions that we didn't get a chance to address during the hour so we follow up on them here. We'd love to continue the discussion on the api-craft forum.
606
Technology
by Greg Brail Mar 13, 2012
 OAuth - The Big Picture  Choose Kindle, PDF or ePub format OAuth has become standard practice for large social media APIs and it's becoming common across enterprise APIs. OAuth is good for your... Read more
OAuth has become standard practice for large social media APIs and it's becoming common across enterprise APIs. OAuth is good for your customers' security and experience making is critical if you want adoption on your API. Over the past year, we've been talking OAuth with some of the leading API teams around the globe as they design their API security strategies. These interactions have helped us build and refine our perspective.
606
Technology
by Greg Brail Feb 16, 2012
In a recent OAuth post, we recommended that if your API can require HTTPS, use OAuth 2.0.  Otherwise, use OAuth 1.0a. How should you use OAuth 2.0? There are three types of credentials in OAuth 2.0. ... Read more
In a recent OAuth post, we recommended that if your API can require HTTPS, use OAuth 2.0. Otherwise, use OAuth 1.0a. How should you use OAuth 2.0? There are three types of credentials in OAuth 2.0 - BEARER TOKENS, MAC TOKENS, and SAML. What are they and which should you use? Then what about 2-legged vs. 3-legged OAuth?
606
Technology
by Greg Brail Feb 15, 2012
In the previous few blog posts, I’ve talked about what OAuth is and when and why I recommend it.This time, let's explore some of the reasons why OAuth is more cumbersome and complicated for developers than plain... Read more
In the previous few blog posts, I’ve talked about what OAuth is and when and why I recommend it. This time, let's explore some of the reasons why OAuth is more cumbersome and complicated for developers than plain passwords as well as some recommendations to help you make the decision between OAuth 2.0 or 1.0a.
606
Technology
by Greg Brail Feb 14, 2012
In my last post, OAuth: Why it's good for API providers, I talked about why I recommend OAuth for API providers when they are exposing APIs for web or mobile apps.This time, a short follow up to look at a couple of... Read more
In the previous few blog posts, I’ve talked about what OAuth is and when and why I recommend it. This time, let's explore some of the reasons why OAuth is more cumbersome and complicated for developers than plain passwords as well as some recommendations to help you make the decision between OAuth 2.0 or 1.0a.
606

API Management Decision-Making Kit

Next Steps

 
 

Resources Gallery

News