> CA Technologies > A How-to Guide to OAuth & API Security

A How-to Guide to OAuth & API Security

Published By: CA Technologies
CA Technologies
Published:  Aug 22, 2017
Length:  12 pages

OAuth is an emerging Web standard for authorizing limited access to applications and data. It is designed so that users can grant restricted access to resources they own—such as pictures residing on a site like Flickr or SmugMug—to a third-party client like a photo printing site. In the past, it was common to ask the user to share their username and password with the client, a deceptively simple request masking unacceptable security risk. In contrast to this, OAuth promotes a least privilege model, allowing a user to grant limited access to their applications and data by issuing a token with limited capability.



Tags