How OAuth Works When You Log Into a Site With Facebook, Twitter, Google
In this article, let's see and understand how OAuth works. But first, what is OAuth? OAuth simply means Open (Standard) Authorization. Its mechanism is used mostly by big companies such as Google, Facebook, Twitter and more.
It provides clients with “secure delegated access” to server resources on behalf of a resource owner. Put simply, OAuth is a way for internet users to authorize websites or applications to access their information on other websites without giving them the passwords, thereby keeping your password safe.
Thus, each time you log in to a third-party website with your Facebook, Twitter or Google account by granting the app or site permission to that account, you have used OAuth, whether you know it or not and whether you like it or not. And it’s a sure way to keep your passwords and data safe.
How OAuth works
Assume you want to post to your Twitter account using the “Twitpic” app. Normally you have to give the app permission to your account, so it can get your info and then post on your behalf. In the past, you would give such an app your Twitter username and password, so it could log in and access the service.
But the problem is: how do you trust that your password and account are safe with Twitpic, now that they have your login details? How can you be sure they will not be tampered with by a third party through Twitpic?
This is where OAuth comes into play. What OAuth does is give the app access only to the actual things you want it to access.
Instead of asking for your password, this is what happens:
1. In order to become a Twitter app, Twitpic has acquired two tokens from the Twitter service: a “Consumer Key” and a “Consumer Secret”. These are what create a connection between the consumer (in this case, Twitpic) and the service provider (in this case, Twitter).
2. When you visit Twitpic and ask it to access your Twitter account, it will redirect you back to Twitter. If you aren’t logged in to Twitter, you log in now (remember, you’re giving your username and password to Twitter itself, not to Twitpic).
Twitter then asks you whether you want to authorize this app, and tells you what permissions it is giving to the app. Maybe it can view your timeline, or maybe it can view your timeline and post on your behalf. In some cases, you may only be giving it access to your username and avatar, for use on some sites.
It is a very secure way to go about it, as Twitter can easily take back the information from the app, while your password stays safe.
And even if the app or the site (not Twitter) gets hacked, the hackers may still post on your behalf and do the other things you have allowed the app to do. All you need to do then is go to your Twitter account settings and reverse the access to that app. Once you do, the tokens become useless and your account is fully under your control again, even without changing your password.
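The steps above and the revocation just described, as an added Python sketch (not code from the original article and not Twitter's actual API). The `ServiceProvider` class, its method names, the permission names and the sample account are hypothetical and constructed for illustration.

```python
import hmac
import secrets
class ServiceProvider:
    """Hypothetical in-memory stand-in for the service provider role."""
    def __init__(self):
        self.passwords = {}  # username -> password, held only by the provider
        self.consumers = {}  # consumer key -> consumer secret
        self.grants = {}     # access token -> (username, consumer key, scopes)

    def register_consumer(self):
        # Step 1: the app obtains its consumer key and consumer secret.
        key, secret = secrets.token_hex(8), secrets.token_hex(16)
        self.consumers[key] = secret
        return key, secret

    def authorize(self, username, password, consumer_key, scopes):
        # Step 2: the user logs in at the provider and approves the permissions.
        stored = self.passwords.get(username)
        ok = stored is not None and hmac.compare_digest(stored, password)
        if not ok or consumer_key not in self.consumers:
            raise PermissionError("login or consumer key rejected")
        token = secrets.token_hex(16)
        self.grants[token] = (username, consumer_key, frozenset(scopes))
        return token  # the app receives this token, never the password

    def call(self, consumer_key, consumer_secret, token, action):
        # Each request needs valid app credentials and a live grant covering the action.
        expected = self.consumers.get(consumer_key)
        if expected is None or not hmac.compare_digest(expected, consumer_secret):
            return "denied: unknown consumer"
        grant = self.grants.get(token)
        if grant is None or grant[1] != consumer_key:
            return "denied: token revoked or invalid"
        if action not in grant[2]:
            return "denied: scope not granted"
        return f"ok: {action} as {grant[0]}"

    def revoke(self, username, consumer_key):
        # The user removes the app in account settings; its tokens stop working.
        self.grants = {t: g for t, g in self.grants.items() if g[:2] != (username, consumer_key)}

def demo():
    sp = ServiceProvider()
    sp.passwords["alice"] = "constructed-password"  # constructed sample account
    key, secret = sp.register_consumer()
    token = sp.authorize("alice", "constructed-password", key, {"read_timeline"})
    before = [sp.call(key, secret, token, a) for a in ("read_timeline", "post_tweet")]
    sp.revoke("alice", key)
    return before + [sp.call(key, secret, token, "read_timeline")]
```

`demo()` returns the outcome of three calls: a permitted read, a post refused because that permission was never granted, and the same read refused after the user revokes the app.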
The downside is that sometimes the app tends to post things on your timeline, even things you may not want, such as what you are doing on their site. Sometimes sites like Google do not tell you the permissions you give away when you use OAuth.
To avoid issues and challenges, make sure you read the privacy policy of every app you link, and pay close attention to the permissions each app is granted. If it does something you don’t want, you may wish to stop using the app. Alternatively, see whether the app has an option in its settings that lets you turn the “feature” off.