Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Intro to OAuth2

The hybris commerce API - OCC - now supports OAuth2, a flexible authorization system. This allows us to connect all kinds of API clients easily. This presentation introduces you to OAuth2 from a mostly client-side perspective.

Sven Haiges

on 8 April 2013

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Intro to OAuth2

Sven Haiges
@hansamann omni-channel commerce Q&A Sven Haiges
@hansamann 600
employees Munich
Montreal 200+
partners 500+
customers techblog.hybris.com 1980 2000 2020 touchpoints OAuth2 intro to ≠ "the OAuth 2.0 authorization framework enables a third-party application to obtain limited access to an HTTP service" http://tools.ietf.org/html/rfc6749 roles resource owner
resource server
authorization server Sally
iPhone App
flickr client resource
owner auth
server resource
server 1 get grant 2 get token 3 access protocol flow ways to get an authorization grant 4 variations of the protocol flow 4 server-side web app
client-side web app
mobile native app authorization
code implicit resource
credentials client
credentials different clients require
different flows Authorization Code Flow Implicit Resource Owner
Credentials Client Credentials * client authentication
* refresh tokens * NO client authentication
* NO refresh tokens
* short-lived and "live" access * client authentication ***
* refresh tokens * client access
Full transcript