Irish Social Media? EasyConnect O’Auth
Posted by P. Krishna on Thu, Sep 08, 2011
Sean waves his RFID-enabled badge at the "Like" kiosk positioned near the 2012 flaming red SL550 Roadster at an auto-show, and his Facebook page gets immediately posted with “Sean Likes the 2012 Mercedes-Benz 382 HP, 5.5L V8, SL550 Roadster.” Moments later, Sean slides into the new leather of the SL550 and Click his photo is automatically posted to his Facebook page with a comment that engages his social network.
All this without Sean having to log into Facebook, fumble with his phone or be distracted from having fun! ODIN’s EasyConnect application is able to post to Sean's Facebook Wall without requiring him to enter his credentials for every update. The reason why? We call it Irish Social Media.
In the traditional client-server interaction, the client authenticates him/herself
by entering the credentials (username/password) on the server, thereby being able to access the resources hosted by the server. For example, Sean logs in directly to Facebook to access his Facebook page.
However, the EasyConnect interaction is a departure from the traditional client-server paradigm; in the EasyConnect case, there are three players: Sean (resource owner), EasyConnect (client) and Facebook (server where the resource resides).
EasyConnect is the 3rd party client application that is able to act on behalf of the resource owner (i.e., Sean) and update the server (i.e., Facebook).
The scalable way to achieve this is using an IETF standard called Oauth (RFC 5849). Oauth enables 3rd party access to resources residing on a server without requiring the resource owner to enter his/her credentials. Oauth can also limit the access in terms of scope and time. At ODIN that's the Irish par O'Auth!
This way, the resource owner doesn’t have to share his server username/password with the 3rd party application, thereby removing the risk of getting compromised. And secondly, it obviates the need for the resource owner to create and remember a new account (i.e., username/password) on the client application. It is a safe and secure way of creating a Social Media Experience in the real world.
If you have used EasyConnect, you are using Oauth. If you have linked your Twitter account to your LinkedIn and Facebook accounts, you are using Oauth.
More on Oauth and EasyConnect in future posts ….