It is best practice to use OAuth for securing APIs. Google, Paypal and LinkedIn are using it. Sweet! Let's check out how Google is using OAuth.
This is an excerpt from a comprehensive Online and Video-based Course on OAuth 2.0. Learn OAuth 2.0 at the API-University:
Get your FREE copy of the OAuth Cheat Sheet and never get confused by OAuth again:
Want to learn more about APIs? Get a book at https://api-university.com/books on API architecture, RESTful API design, API security with OAuth, OpenID Connect, GraphQL, Webhooks, AWS AppSync, Swagger and Open API
Looking for a job in the API space? Go to https://jobs.api-university.com, the largest API job site and find a better API job close to you.
Do you want to write best-selling iPhone and Android apps?
The most popular mobile apps integrate with popular social APIs of Google, LinkedIn, Twitter and many more. If this is a well known fact, why do app developers not just do it?
Many app developers are afraid of complicated OAuth integrations. Security is in fact the biggest hurdle for most mobile app developers.
With the knowledge gained in this course you can use the secret of best app developers out there and finally integrate your app with social APIs.
Do you want to start out on your own, as an entrepreneur, consultant or freelancer?
Knowing API Security and OAuth allows you to realize the big vision of your company in the field of mobile apps, cloud apps and web APIs, such as Google, Paypal and LinkedIn.
Do you want to build exciting solutions with the next generation technology?
Whether you are a web developer, mobile developer or API developer, an architect or embedded developer for the Internet of Things, today you need to know OAuth to build state of the art solutions.
What does this course offer?
This course offers an introduction to API Security with OAuth 2.0. In 3 hours you will gain an overview of the capabilities of OAuth. You will learn the core concepts of OAuth. You will get to know all 4 OAuth flows that are used in cloud solutions and mobile apps.
If you have tried to read the official OAuth specification, you may get the impression that OAuth is complex. This course explains OAuth in simple terms. The four OAuth flows are visualized graphically using sequence diagrams. The diagrams are then animated so you get to know the interactions step by step and see the big picture of the various OAuth interactions. This high-level overview is complemented with rich set of example requests and responses and an explanation of the technical details.
Who should take this course?
You believe OAuth is complicated? OAuth may seem complex with flows and redirects going back and forth. This course will give you clarity by introducing the seemingly complicated material with many illustrations and animations. These illustrations clearly show all the involved interaction parties and the messages they exchange.
You want to learn the OAuth concepts efficiently? This course uses many animated diagrams and sequence diagrams. A good diagram says more than 1000 words.
You want to use OAuth in your mobile app? If you want to access resources that are protected by OAuth, you need to get a token first, before you can access the resource. For this, you need to understand the OAuth flows and the dependencies between the steps of the flows.
You want to use OAuth to protect your APIs? OAuth is perfectly suited to protect your APIs. You can learn which OAuth endpoints need to be provided and which checks need to be made within the protected APIs.
This course is based on the bestselling book "OAuth 2.0: Getting Started in Web-API Security". Before I tell you what is presented in the course, just read, what the audience thinks about the book.
Excellent review of the underlying components of OAuth, and the methods of deploying and using it. Love the sequence diagrams. The explanations of the differences between the pattern use cases is most helpful.
***** 5 Stars by A. on April 22, 2015
Great Book: A clear explanation of OAuth and its authentication flows. It provided great descriptions of the OpenId Connect and SAML2 extensions.
***** 5 Stars by Donald E. L. on March 2, 2015
Brief explanation of OAuth but clear and straightforward.
***** 5 Stars by G. S. on February 12, 2015
What am I going to get from this course?
* Secure your own APIs with OAuth (server-side).
* Use OAuth in Mobile Apps (client-side).
* Use OAuth in Cloud Solutions (client-side).
* Choose the correct OAuth Flow flow for your use-case.
* Know the OAuth Terminology: Actors, Endpoints, Tokens.
* Apply OAuth Best Practices.
Learn OAuth 2.0 at the API-University: