Getting Started with OAuth 2.0
Programming clients for secure web API authorization and authentication
Publisher: O'Reilly Media
Final Release Date: February 2012
Pages: 82

Whether you develop web applications or mobile apps, the OAuth 2.0 protocol will save a lot of headaches. This concise introduction shows you how OAuth provides a single authorization technology across numerous APIs on the Web, so you can securely access users’ data—such as user profiles, photos, videos, and contact lists—to improve their experience of your application.

Through code examples, step-by-step instructions, and use-case examples, you’ll learn how to apply OAuth 2.0 to your server-side web application, client-side app, or mobile app. Find out what it takes to access social graphs, store data in a user’s online filesystem, and perform many other tasks.

  • Understand OAuth 2.0’s role in authentication and authorization
  • Learn how OAuth’s Authorization Code flow helps you integrate data from different business applications
  • Discover why native mobile apps use OAuth differently than mobile web apps
  • Use OpenID Connect and eliminate the need to build your own authentication system
Table of Contents
Product Details
About the Author
Recommended for You
Customer Reviews

REVIEW SNAPSHOT®

by PowerReviews
oreillyGetting Started with OAuth 2.0
 
4.0

(based on 7 reviews)

Ratings Distribution

  • 5 Stars

     

    (3)

  • 4 Stars

     

    (1)

  • 3 Stars

     

    (3)

  • 2 Stars

     

    (0)

  • 1 Stars

     

    (0)

86%

of respondents would recommend this to a friend.

Pros

  • Easy to understand (6)
  • Accurate (4)
  • Concise (4)
  • Helpful examples (4)
  • Well-written (3)

Cons

  • Not comprehensive enough (3)

Best Uses

  • Intermediate (4)
  • Novice (4)
  • Student (3)
    • Reviewer Profile:
    • Developer (4)

Reviewed by 7 customers

Sort by

Displaying reviews 1-7

Back to top

 
3.0

Premature now outdated

By per.lauge

from Denmark

Verified Buyer

Pros

  • Easy to understand
  • Well-written

Cons

  • Premature

Best Uses

    Comments about oreilly Getting Started with OAuth 2.0:

    Some guesswork is used before the standard was defined, that means the code examples use HTTP when only HTTPS is allowed.

     
    3.0

    Good overview but superficial

    By Bassman

    from Munich, Germany

    About Me Security

    Verified Buyer

    Pros

    • Easy to understand

    Cons

    • Not comprehensive enough

    Best Uses

    • Novice
    • Student

    Comments about oreilly Getting Started with OAuth 2.0:

    I wanted to learn about OAuth and having read the book I have a better understanding what it is about. It's a much better ead than the specification. The description is quite superficial in some points and I'd prefer to have some more concrete examples.

    If you need to get the idea it's recommended. If you need to write code for it you'll need more in-depth info.

     
    4.0

    Good for beginners

    By raulmercadox

    from Lima, Peru

    About Me Developer

    Verified Buyer

    Pros

    • Accurate
    • Concise
    • Easy to understand
    • Helpful examples
    • Well-written

    Cons

    • Not comprehensive enough

    Best Uses

    • Novice

    Comments about oreilly Getting Started with OAuth 2.0:

    I wanted to know about OAuth 2.0 because I was totally new with this technology. This books is a great first step in this way, but I had to look for complimentary information to fully understand the different profiles mentioned in the book. I found a video in Oreilly which helped me a lot in issue. Then I returned to the book and the rest was so easy to understand. Highly recommended but preferable with complimentary material.

    (3 of 3 customers found this review helpful)

     
    3.0

    Useful but badly written

    By enrico

    from Rome, Italy

    About Me Developer, Educator

    Verified Reviewer

    Pros

    • Less Useless Than Other

    Cons

    • Difficult to understand
    • Not comprehensive enough

    Best Uses

    • Intermediate

    Comments about oreilly Getting Started with OAuth 2.0:

    For me, and probably most people, Oauth was very difficul to understand. The specs and info material available did not help. That's why this book is useful: less useless than the other useless stuff. This may cause some geeks not to notice that it is badly written: verbose but not clear, ambiguous use of terminology, examples in some area are not complete. Given the quality of other information material I have bought and recommend buying this badly written book.

    (1 of 1 customers found this review helpful)

     
    5.0

    Good introduction to OAuth 2.0

    By Lola

    from Kitchener, ON

    Verified Reviewer

    Pros

    • Accurate
    • Concise
    • Easy to understand
    • Helpful examples

    Cons

      Best Uses

      • Expert
      • Intermediate
      • Novice
      • Student

      Comments about oreilly Getting Started with OAuth 2.0:

      Getting Started With OAuth 2.0, by Ryan Boyd, provides an introduction to the latest version of the OAuth protocol. The author starts off by exploring the origins of OAuth, along with its importance, and why developers should care about it.

      The bulk of this book involves a discussion of the various authorization flows that developers will need to consider when developing applications that will incorporate OAuth to manage user access and authorization.

      The author explains in detail which flow is appropriate to use based on the application being developed, as well as how to implement each type with step-by-step examples. Note that the examples in the book are focused on the Google and Facebook APIs. Personally, I would have liked to see some examples with the Twitter API as well.

      In addition to that, the author also discusses security considerations, error handling (what is returned if the access request fails), and access tokens (when are access tokens refreshed, and how access can be revoked).

      This book provides a good starting point for those developers looking to understand what OAuth is and how they can leverage it within their own applications. The book wraps up with a list of tools and libraries that are available to further assist the developer in exploring the OAuth APIs. I highly recommend this book as a must-read for developers at all levels that have not yet been exposed to OAuth.

      (1 of 2 customers found this review helpful)

       
      5.0

      A must read book

      By Hari K T

      from Calicut, Kerala, India

      About Me Developer, Reviewer, Writer

      Verified Reviewer

      Pros

      • Accurate
      • Concise
      • Easy to understand
      • Helpful examples
      • Well-written

      Cons

        Best Uses

        • Intermediate
        • Novice
        • Student

        Comments about oreilly Getting Started with OAuth 2.0:

        This is an awesome book. The author knows what he is saying. When you read the book, you can know how much knowledge he has.
        Shows examples in PHP, Javascript and HTML. PHP is not that much hard, anyone with basic understanding of programming will understand easily. So the book suits to any developer. The book doesn't include or teach you how you can create your own oauth server.

        (1 of 1 customers found this review helpful)

         
        5.0

        Informative for OAuth2.0 core

        By hu

        from Tokyo, Japan

        About Me Developer

        Verified Reviewer

        Pros

        • Accurate
        • Concise
        • Easy to understand
        • Helpful examples

        Cons

          Best Uses

          • Intermediate

          Comments about oreilly Getting Started with OAuth 2.0:

          Each profile of OAuth2.0 spec is explained more precisely than the OAuth2.0 specification and the readers could understand not only the core features but also when each authorization flow should be used or not. The advantage and disadvantage are also introduced. The sample messages of requst/response and the sample codes are also helpful for better understanding of readers. The explanation of the extension API of Google OAuth2.0 server is also useful to grasp the actual available functions for the moment.
          Concerning diagrams showing authorization flow, this book uses same thing with OAuth2.0 spec, some of beginner may take time to understand the actual flow. And authorization server processing like how to create secure authorization code and access token isn't explained at all. I hope such a authorization server aspect is also described in next revised vesion.

          Displaying reviews 1-7

          Back to top

           
          Buy 2 Get 1 Free Free Shipping Guarantee
          Buying Options
          Immediate Access - Go Digital what's this?
          Ebook: $19.99
          Formats:  ePub, Mobi, PDF
          Print & Ebook: $25.29
          Print: $22.99