Book “OAuth 2.0 Identity and Access Management Patterns” is available

I’m proud to announce that the first book I authored, OAuth 2.0 Identity and Access Management Patterns, is out and available for purchase.

 Background

OAuth 2 is a protocol with which I had been working with at my day-job on several occasions, so the practical experience and previous research done on this topic was very useful (just to note, I have been working with OpenID and Persona as well).

When the team at Packt Publishing contacted me, I was happy to author a book on this topic.

 What is the book about?

First a short intro on OAuth: We use OAuth every day, for example: I want my Foursquare check-ins to be auto posted on Facebook. So I go in Foursquare and say add Facebook account. Then I am redirected to Facebook where it asks me if I want to approve the application request – where I say yes or no – and then I am redirected back to Foursquare. In this final step, if the decision was yes, Foursquare gets a unique ‘token’ for my Facebook user, and with that one it can post status updates in my name.

So OAuth basically specifies how this protocol of authorization should work and which data is exchanged in the background between the servers and applications. OAuth 2 is in use by all ‘big players’: Google, Amazon, Facebook, LinkedIn, and so on… so the previous question whether it is a hot topic? It may not be the hottest topic at the moment, but it’s a pretty important one.

The book (in short): Covers how to implement OAuth 2 in all types of applications, web, client-side, desktop, mobile; explains the protocol in detail and outlines security precautions that should be taken in consideration. Altogether with code examples.

 But, aren’t there already books on OAuth 2?

Yes there are. What is different about this book:

 What do I get as a reader?

Key features of this book are:

 On which information is the book based?

When writing the book I did extensive research on RFC documents that deal with OAuth 2, these are the main ones:

 Feedback

If you red the book and have a comment or an opinion, let me know! If you found something that you think can be improved in the book, go to Packt’s book page and submit errata on the Support section. Thanks!

 
24
Kudos
 
24
Kudos

Now read this

Publishing developer documentation

While searching for a nice and easy way to publish developer documentation and make it available to other folks I found several options, so I’m sharing them here in this short-but-informative post. The main distinction between the... Continue →