This HTML5 document contains 53 embedded RDF statements represented using HTML+Microdata notation.

The embedded RDF content will be recognized by any processor of HTML5 Microdata.

PrefixNamespace IRI
n22http://oauth.net/documentation/
dctermshttp://purl.org/dc/terms/
atomhttp://atomowl.org/ontologies/atomrdf#
n23http://oauth.net/core/1.0/
foafhttp://xmlns.com/foaf/0.1/
n7http://vos.openlinksw.com/dataspace/services/wiki/
oplhttp://www.openlinksw.com/schema/attribution#
n2http://vos.openlinksw.com/dataspace/owiki/wiki/VOS/
n15http://step2.googlecode.com/svn/spec/openid_oauth_extension/drafts/0/openid_oauth_extension.
n13http://ods.openlinksw.com/dataspace/dav/wiki/ODS/
dchttp://purl.org/dc/elements/1.1/
n4http://vos.openlinksw.com/dataspace/dav#
rdfshttp://www.w3.org/2000/01/rdf-schema#
n8http://xml.coverpages.org/draft-dehora-farrell-oauth-accesstoken-creds-00.
n6http://rdfs.org/sioc/services#
n29http://vos.openlinksw.com/dataspace/person/dav#
siocthttp://rdfs.org/sioc/types#
n19http://www.hueniverse.com/hueniverse/2007/09/explaining-oaut.
n9http://xml.coverpages.org/draft-hammer-oauth-00.
n5http://vos.openlinksw.com/dataspace/owiki/wiki/
n20http://www.hueniverse.com/hueniverse/2007/10/beginners-gui-1.
n14http://groups.google.com/group/
n10http://www.hueniverse.com/hueniverse/2008/10/beginners-guide.
rdfhttp://www.w3.org/1999/02/22-rdf-syntax-ns#
n11http://vos.openlinksw.com/dataspace/owiki#
n12http://oauth.net/core/1.
xsdhhttp://www.w3.org/2001/XMLSchema#
n18http://vos.openlinksw.com/dataspace/owiki/wiki/VOS/OAuth/sioc.
n28http://vos.openlinksw.com/dataspace/person/owiki#
siochttp://rdfs.org/sioc/ns#
Subject Item
n29:this
foaf:made
n2:OAuth
Subject Item
n4:this
sioc:creator_of
n2:OAuth
Subject Item
n7:item
n6:services_of
n2:OAuth
Subject Item
n11:this
sioc:creator_of
n2:OAuth
Subject Item
n5:VOS
sioc:container_of
n2:OAuth
atom:entry
n2:OAuth
atom:contains
n2:OAuth
Subject Item
n2:VirtuosoOdsControllers
sioc:links_to
n2:OAuth
Subject Item
n2:OAuth
rdf:type
sioct:Comment atom:Entry
dcterms:created
2017-06-13T05:37:43.879159
dcterms:modified
2017-06-29T07:34:51.972849
rdfs:label
OAuth
foaf:maker
n28:this n29:this
dc:title
OAuth
opl:isDescribedUsing
n18:rdf
sioc:has_creator
n4:this n11:this
sioc:content
%META:TOPICPARENT{name="OpenLinkVirtuoso"}% ---++ What is OAuth? The OAuth protocol enables websites or applications (<i>Consumers</i>) to access Protected Resources from Web services (<i>Service Providers</i>) via an API, without requiring Users to disclose their Service Provider credentials to those Consumers. More generally, OAuth creates a freely-implementable and generic methodology for API-oriented authentication. For <i>Consumer</i> developers, OAuth is a method to publish and interact with protected data. For <i>Service Provider</i> developers, OAuth gives users access to their data while protecting their account credentials. One use case would be allowing a printing service, printer.example.com (the Consumer), to access private photos stored on photos.example.net (the Service Provider), without requiring Users to reveal their photos.example.net credentials to printer.example.com. ---+++ Why is it important? OAuth allows the user to selectively grant access to their private resources housed on one site (called the <i>Service Provider</i>), to another site (called the <i>Consumer</i>). In other words, OAuth enables you to grant access to some of your information without sharing all of your identity. OAuth does not require a specific user interface or interaction pattern, nor does it specify how Service Providers authenticate Users, making the protocol ideally suited for cases where authentication credentials are unavailable to the Consumer, such as with OpenID. OAuth aims to unify the experience and implementation of delegated web service authentication with a single, community-driven protocol. OAuth builds on existing protocols and best practices that have been independently implemented by various websites. An open standard, supported by large and small providers alike, promotes a consistent and trusted experience for both application developers and the users of those applications. ---+++ How does it work? What is publicly known as <i>"OAuth"</i> is really the <i>"OAuth Core 1.0"</i> specification. The <i>"Core"</i> designation is used to stress that this is the skeleton upon which other extensions and protocols may be built. OAuth Core 1.0 does NOT by itself provide many desired features such as automated discovery of endpoints, language support, support for XML-RPC and SOAP, standard definition of resource access, OpenID integration, a full range of signing algorithms, or any number of other great ideas posted to the OAuth group. This was intentional and is viewed by the authors as a benefit. As the name implies, Core deals only with the most fundamental aspects of the protocol: * Establish a mechanism for exchanging a username and password for a token with defined rights * Provide tools to protect these tokens More details can be found [[http://oauth.net/documentation/getting-started][here]]. ---++ What are OAuth Access Tokens? Credentials bearing tokens enable a user to provide their credentials in tokenized form in cases where HTTP redirection to a browser plus human interaction is unavailable or unsuitable. For example, intermediary intelligent agents, mobile phones, or set-top devices. ---+++ How does it work? ---++++ Request Authentication To request an Access Token in this model, the Consumer makes an HTTP request to the Service Provider's Access Token URL. The authentication request contains [nine] parameters contained in the HTTP Authorization header or as URL parameters. Parameter names and values must be "percent-encoded" to handle characters in different character sets. The request should be performed using TLS, and should use HTTP POST. ---++++ Receive Authentication Before granting an access token, the Service Provider must ensure that the request signature has been successfully verified as per OAuth, that a request with the supplied timestamp and nonce has never been received before, and that the supplied username and password match a User's credentials. If successful, the Service Provider generates an Access Token and Token Secret using a 200 Ok response and returns them in the HTTP response body. ---++++ Access Protected Resources After successfully receiving the Access Token and Token Secret, the Consumer is able to access the Protected Resources on behalf of the User as per section 7 of the OAuth core specification. In other words, the Access Token obtained here is no different in capability to the Access Token specified by OAuth. Once authenticated using the above process, the Consumer will sign all subsequent requests for the User's Protected Resources using the returned Token Secret. ---++ Additional Information ---+++ General OAuth Information * [[http://www.hueniverse.com/hueniverse/2007/09/explaining-oaut.html][Explaining OAuth]] * [[http://www.hueniverse.com/hueniverse/2007/10/beginners-gui-1.html][Visual OAuth Usage Example]] * [[http://www.hueniverse.com/hueniverse/2008/10/beginners-guide.html][OAuth Beginners Guide - Part 3]] * [[http://oauth.net/core/1.0][OAuth specification]] * [[http://oauth.net/documentation/getting-started][Getting Started with OAuth]] * [[http://xml.coverpages.org/draft-dehora-farrell-oauth-accesstoken-creds-00.txt][OAuth Access Tokens Using Credentials specification]] * [[http://xml.coverpages.org/draft-hammer-oauth-00.txt][OAuth: HTTP Authorization Delegation Protocol specification]] * [[http://groups.google.com/group/oauth][Google OAuth Group]] * [[http://step2.googlecode.com/svn/spec/openid_oauth_extension/drafts/0/openid_oauth_extension.html][OAuth & OpenID Combined]] - Protocol Extension ---+++ Virtuoso- and OpenLink-specific OAuth Information * [[VirtuosoOAuthServer][Virtuoso OAuth server]] * [[VirtAuthServerUI][Virtuoso Authentication Server UI]]. * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthControllers][Using OAuth with ODS]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquity][ODS Ubiquity Commands]] * [[VirtOAuth][Virtuoso OAuth Implementation]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsControllers][ODS Controllers]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtODSOAuthQA][Testing Virtuoso OAuth with 3rd Party OAuth Clients]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquityTutorialsOAuth][OAuth Ubiquity Tutorial]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthTestTool][Virtuoso OAuth Test Tool for ODS Controllers]] * [[VirtOAuthSPARQL][Virtuoso SPARQL OAuth Tutorial]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtuosoOdsUbiquityTutorials][ODS Ubiquity Tutorials]] * [[http://ods.openlinksw.com/dataspace/dav/wiki/ODS/VirtOAuthExamples][OAuth Applications Authentication examples]] * [[http://oauth.net/core/1.0/][OAuth API]]
sioc:id
673744f3c25674f26f1376128c1c3160
sioc:link
n2:OAuth
sioc:has_container
n5:VOS
n6:has_services
n7:item
atom:title
OAuth
sioc:links_to
n2:OpenID n8:txt n9:txt n10:html n12:0 n13:VirtOAuthControllers n13:VirtuosoOdsUbiquityTutorials n14:oauth n15:html n13:VirtOAuthTestTool n13:VirtuosoOdsUbiquityTutorialsOAuth n13:VirtuosoOdsUbiquity n13:VirtODSOAuthQA n19:html n20:html n13:VirtOAuthExamples n22:getting-started n23: n13:VirtuosoOdsControllers n2:OpenLink
atom:source
n5:VOS
atom:author
n29:this
atom:published
2017-06-13T05:37:43Z
atom:updated
2017-06-29T07:34:51Z
sioc:topic
n5:VOS
Subject Item
n2:VirtOAuth
sioc:links_to
n2:OAuth
Subject Item
n2:VirtuosoOAuthServer
sioc:links_to
n2:OAuth
Subject Item
n2:VirtODSOAuthQA
sioc:links_to
n2:OAuth