OAuth1 Overview

OAuth is an authorization method used to provide access to resources over the HTTP protocol.

Usage

OAuth1 can be used for authorization of various applications or manual user access.

It works by providing an application with an access token (representing a user's permission for the client to access their data) to use for request authentication.

OAuth Versions

There are two versions of OAuth authorization: OAuth 2.0 (using HMAC-SHA signature strings) and OAuth 1.0 (using tokens over HTTPS).

OAuth1 Terms

Conceptually, OAuth1 has a few components interacting:

  • User is a person who want to get access to the protected resource.
  • Consumer is the application or website that uses OAuth to access the Service Provider for the User.
  • Service Provider is the web application that allows access via OAuth.
  • Protected Resource is the data that the user want to access.

Tokens

OAuth1 Authorization uses the Request Token and Access Token to access the resources from the resource server.

Request Tokens

The token containing Consumer Key and Consumer Secret used for asking the service for authorization.

Access Tokens

The token used for accessing the resource.

More Information

Wikipedia Article: OAuth

OAuth Core 1.0