oauth

• #push [[do]]

OAuth is an authentication standard which is widely used to grant permission to access websites and APIs without having to share a user’s password directly.

For the purposes of [[Moa]], OAuth is used by [[Mastodon]] (and Mastodon-compatible systems like [[Pleroma]]), [[Twitter]], and [[Instagram]]. Moa requests access to your accounts on those services on your behalf. OAuth tokens are stored in the Moa database, and you can revoke them at any time.

The OAuth 2.0 standard IETF RFC6749 replaced the 1.0 version in October 2012.

The oauth.net site has excellent background info, including the introduction and history page.

Resources

• Twitter OAuth FAQ
• Mastodon OAuth Docs
• Instagram API Endpoint - OAuth Access Token

oauth

Oauth is an authentication protocol used for [[web services]]. It was created as a way to get around basic HTTP authentication with a username and password.

Oauth roles

resource owner : entity capable of granting access to a protected resource

resource server : server hosting protected resource

client : application making request on behalf of resource owner

authorization server : server issuing tokens for client

Flow :ATTACH:

[[Screenshot from 2021-07-18 12-38-48.png]]

Links

• spec

• [[flancian@social.coop]] https://social.coop/@flancian/110826908796324246 pull

• [[flancian]] https://twitter.com/flancian/status/1520809626262020096 pull