
OAuth 2.0 - Do We Still Need It?


Discover Whether OAuth is Still Relevant, Following the OAuth 2.0 Controversy


Just as the OAuth 2.0 specification – designed as a means of securing APIs and mobile applications – neared completion, the original editor of OAuth 2.0 and author of OAuth 1.0 resigned and removed his name from the specifications. This controversy led some developers to ask whether the protocol was still relevant.

This interactive town-hall event was originally broadcast live on the Layer 7 Technologies Facebook Page as part of the Tech Talk Tuesdays series, in the immediate aftermath of the OAuth 2.0 controversy. In it, Francois Lascelles, Layer 7's Chief Architect, discusses whether architects and developers should still use OAuth.


Viewer questions answered in this Tech Talk include:

  • Did the OAuth 2.0 controversy goad the IETF committee into pushing for ratification of the latest draft of the standard?
  • Does the flexibility of the OAuth 2.0 standard mean that people are going to try to use it in situations for which it is not intended?
  • Where can I find examples of solid OAuth 2.0 implementations to pattern my own implementation after?
  • The OAuth 2.0 framework is designed to enable external, third-party apps to gain access to your data, so why would you use it for internal, enterprise apps?

