Friday, March 25, 2016

Ever wondered how "Sign In with Facebook" Works? - OAuth Take 1

I am sure by now, you like me would have given up remembering 1001 username and passwords for each different site that you visit and would be simply benefiting from using your "Social Identity" while registering / signing in to your favourite news, music or online shopping site. 

This trick/technique of sign in with social identity has become extremely popular because it is beneficial for all the three parties involved in the picture. Let's see how and maybe these benefits will also encourage you to use social identity if not already!

1. For You, The King - Multiple advantages. Firstly, it saves your time registering for a new account on a website specially those which you might use rarely. Secondly, it also saves you from remembering the passwords of those sites you will visit regularly. Thirdly, if you are already signed-in to your social identity provider, signing in into other sites becomes a single click approach. Finally, in some cases, it provides a simple mechanism for you to import your photos (from say Facebook) into a photo manipulation service or also share your Quora post among friends on Facebook

2. For your favourite news site - They don't have to implement a complex registeration/sign-in mechanism of their own and can benefit from the fact that you usually would already have an account with at-least one of the popular social identity providers. Also, some of them sneak in other benefits and ask you to provide additional permissions to view all your friends so that they can reach out to them and to the extreme level, post on your behalf on your timeline or twitter feed. In some cases as I talked above, this can also be mutually beneficial to you to import your comment or share your post on another site but you need to be very careful before allowing any such additional access

3. For the social identity provider - Putting in a phrase - it's making them popular among more people and their presence in more places so that they can make more money through ads :-)

Of course, since all the top companies out there are using this approach, it better be secure. Sure it is. This social identity login is based on a sophisticated Authorization Framework called OAuth2.  The introduction of the OAuth spec reads


   The OAuth 2.0 authorization framework enables a third-party
   application to obtain limited access to an HTTP service, either on
   behalf of a resource owner by orchestrating an approval interaction
   between the resource owner and the HTTP service, or by allowing the
   third-party application to obtain access on its own behalf

Ok, I know many of us will stop after reading the intro of the spec, but wait lets simplify this - focus on the three red words above - third-party application, HTTP service and the resource owner.

The third party application here is your favourite news site - it is the third party both with respect to you and Facebook whose login you will use. The HTTP service is Facebook or any other social identity provider - it is a web service in itself. You, The King is the resource owner - you are called so since you are the one who is trying to sign in and  after which whose resources i.e information be as little as your name/email (notice the word limited access) or as much as your complete profile and photos (still limited if you really think what all Facebook knows of you) will be shared

Now, the above intro basically becomes (ignore the approval part for now)

   OAuth is a authorization technique which enables a news site (third-party
   application) to obtain limited access to Facebook (HTTP service), on
   behalf of You (resource owner). This access allows the news site 
   to do different things based on how limited access it has - be it from 
   fetching your name/email from Facebook to register/sign in into itself or
   posting the comment you added on a news article to your Facebook timeline

Sounds interesting? We'll cover how this is achieved in our next post!



28 comments:

  1. Nice post.I am more than ever impressed through your approach of look in this blog. It shows your visualization. important attempt you take in through in this blog. Thanks for sharing. Kochi taxi cabs offers wonderful excursion by agreeable all the transportation solicitations of the voyagers. The best taxi administration is constantly effective in its administrations, which makes the main taxi administration in kochi.

    ReplyDelete

  2. Facebook implements a technology called OAuth, which is a way for one website to use another for purposes of authenticating users.

    buy college essay

    ReplyDelete
  3. I am more interested in how this is achieved ,when you are going to cover it?
    By providing Research Methodology Writing help service, we make research easier for students.

    ReplyDelete
  4. Launch the mobile app and tap the three level lines in the upper right corner, then look down to and select Account Settings. BuyRealMarketing.com buy facebook likes and followers

    ReplyDelete
  5. If the button has been set up correctly, the website can also be placed on other parts of the Facebook user's profile by using "tags".http://www.thesocialguys.co.uk

    ReplyDelete
  6. how to open a disabled account on facebook..
    Buy Twitter Followers Uk

    ReplyDelete
  7. As a rule of thumb, you should endeavor to avoid taking irrelevant or trite pictures, which are commonly seen by people every day. In the word of Nick Bilton who works for the New York Times, (his Instagram account has more than fifty thousand followers) "people are more likely to admire you for quality over quantity - yes you may well take a fancy picture of your Starbucks cup but if I don't know who you are and your photo is generic, I won't be monitoring you. At instagram, "think quality" rules!
    http://followersuk.co.uk/

    ReplyDelete
  8. Of course, since all the top companies out there are using this approach, it better be secure. Sure it is. This social identity login is based on a sophisticated Authorization Framework called OAuth2. The introduction of the OAuth spec reads

    ReplyDelete
  9. I just couldn't leave your website before telling you that I truly enjoyed the top quality info you present to your visitors? Will be back again frequently to check up on new posts. Buy Facebook Organic Reviews

    ReplyDelete
  10. People who use Instagram always want more followers. If they are new, they want more followers, and if they have used Instagram for years, they want more followers. media marketing

    ReplyDelete
  11. Thank you very much for keep this information. Buy Facebook Accounts

    ReplyDelete
  12. I am in fact thankful to the holder of this web page who has shared this impressive post at here.Buy Instagram Followers Australia

    ReplyDelete
  13. Instagram is one of the best and most effective social media marketing platform for brands. Buy Instagram Likes UK gives your profile an initial boost and take your brand presence on the top.

    ReplyDelete
  14. The information that you provide is both up_to_date and according to our need and vital for me and it was essential that the information was as accurate as it could be. In future , i hope u will also write sach informative note. Buy Instagram Followers UK

    ReplyDelete
  15. Hello, it’s me, I am also visiting this web site regularly, this web page is in fact fastidious and the visitors are really sharing nice thoughts.
    Printed Stickers UK
    Sticker Printing Press
    Online Instant Printing
    Happy Birthday Wishes for Friends

    ReplyDelete
  16. I am more interested in how this is achieved ,when you are going to cover it?new birthday wishes

    ReplyDelete
  17. I am more interested in how this is achieved ,when you are going to cover it?new birthday wishes
    https://www.newbirthdaywishes.com

    ReplyDelete
  18. I am more interested in how this is achieved ,when you are going to cover it?new birthday wishes.
    Custom Packaging Boxes

    ReplyDelete
  19. It is very informative post thanks for sharing the information.
    Branding Product Boxes
    bulk Retail Boxes

    ReplyDelete
  20. Very informative post ! There is a lot of information here that can help any business get started with a successful social networking campaign ! I feel a lot more people need to read this, very good info! lip gloss boxes | lip gloss boxes

    ReplyDelete
  21. Thanks for shearing such a useful information. I am looking forward to your next post. Hi Travelportalonline, we build, design and undertake hotel reservation system API integration with our talented in-house team. Our team consists of developers, web designers and project managers, all of whom are extremely passionate and have considerable experience in this field. very nice publish, i definitely love this web site, carry on itsoap wrapping paper | soap wrapping paper

    ReplyDelete
  22. I am grateful to this blog site providing special as well as useful understanding concerning this subject.
    Try to check my webpage on photo frames online

    ReplyDelete
  23. "MyMRO is a specialized and leading brand for supplying construction and agriculture machinery parts for customers worldwide, along with the belief of standing on large variety, fast delivery, OEM quality, and the lowest price. At MyMRO, always have what you need, always at low prices. We are proud of our delivery, specialist service, quality, and pricing that always meets and exceeds our customers' expectations.
    In addition to 1k0820808b, you can also buy other models or other parts of Excavators, Forklift, Aerial Work Platforms AWP on our website."

    ReplyDelete
  24. PhD students worry due to submission deadline of dissertation projects. PhD students assign dissertation projects with submission deadline. Students want to ensure to deliver quality dissertation buy dissertation online in UAE

    ReplyDelete
  25. I appreciate your ability to blend informative content with a touch of humor. Your blog is not just educational but also an enjoyable read.

    Marble Company in Ras Al Khaimah

    ReplyDelete