Getting Started with Oauth 2.0: Programming Clients for Secure Web API

Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application.

Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.
* Understand OAuth 2.0’s role in authentication and authorization
* Learn how OAuth’s Authorization Code flow helps you integrate data from different business applications
* Discover why native mobile apps use OAuth differently than mobile web apps
* Use OpenID Connect and eliminate the need to build your own authentication system

Ryan Boyd is a developer advocate at Google focused on enabling developers to extend Google Apps and build businesses on top of Google technology. He previously worked on OpenSocial and led the developer relations team for Google's AtomPub APIs. Prior to joining Google, Ryan worked in higher education as a web architect for RIT's central web hosting environment and as web app developer building admissions and student systems.

Preface Chapter 1: Introduction Chapter 2: Server-Side Web Application Flow Chapter 3: Client-Side Web Applications Flow Chapter 4: Resource Owner Password Flow Chapter 5: Client Credentials Flow Chapter 6: Getting Access to User Data from Mobile Apps Chapter 7: OpenID Connect Authentication Chapter 8: Tools and Libraries References