Programming Books C Java PHP Python Learn more Browse Programming Books
Getting Started with OAuth 2.0 and over one million other books are available for Amazon Kindle. Learn more
Buy New
$19.70
Qty:1
  • List Price: $22.99
  • Save: $3.29 (14%)
FREE Shipping on orders over $35.
In Stock.
Ships from and sold by Amazon.com.
Gift-wrap available.
Getting Started with OAut... has been added to your Cart
Trade in your item
Get a $2.00
Gift Card.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Getting Started with OAuth 2.0 Paperback – February 29, 2012

ISBN-13: 978-1449311605 ISBN-10: 1449311601 Edition: 1st

Buy New
Price: $19.70
39 New from $12.17 13 Used from $13.95
Amazon Price New from Used from
Kindle
"Please retry"
Paperback
"Please retry"
$19.70
$12.17 $13.95
Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student

$19.70 FREE Shipping on orders over $35. In Stock. Ships from and sold by Amazon.com. Gift-wrap available.

Frequently Bought Together

Getting Started with OAuth 2.0 + RESTful Web Services Cookbook: Solutions for Improving Scalability and Simplicity + RESTful Web APIs
Price for all three: $74.38

Buy the selected items together

NO_CONTENT_IN_FEATURE

Shop the New Digital Design Bookstore
Check out the Digital Design Bookstore, a new hub for photographers, art directors, illustrators, web developers, and other creative individuals to find highly rated and highly relevant career resources. Shop books on web development and graphic design, or check out blog posts by authors and thought-leaders in the design industry. Shop now

Product Details

  • Paperback: 82 pages
  • Publisher: O'Reilly Media; 1 edition (February 29, 2012)
  • Language: English
  • ISBN-10: 1449311601
  • ISBN-13: 978-1449311605
  • Product Dimensions: 0.2 x 6.7 x 9.2 inches
  • Shipping Weight: 4 ounces (View shipping rates and policies)
  • Average Customer Review: 3.8 out of 5 stars  See all reviews (17 customer reviews)
  • Amazon Best Sellers Rank: #426,927 in Books (See Top 100 in Books)

Editorial Reviews

Book Description

Programming clients for secure web API authorization and authentication

About the Author

Ryan Boyd is a developer advocate at Google focused on enabling developers to extend Google Apps and build businesses on top of Google technology. He previously worked on OpenSocial and led the developer relations team for Google’s AtomPub APIs. Prior to joining Google, Ryan worked in higher education as a web architect for RIT’s central web hosting environment and as web app developer building admissions and student systems.


More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

3.8 out of 5 stars
Share your thoughts with other customers

Most Helpful Customer Reviews

8 of 8 people found the following review helpful By Antonio Zugaldia on March 19, 2012
Format: Paperback
I've been looking for an OAuth 2.0 book for a while. The specification is still being developed while, at the same time, big Internet players like Google, Facebook, Yahoo, or Twitter are already using some flavor of it. Although as a developer you'll eventually rely on a library to abstract most of the complexity, you still want to understand the big picture. And because OAuth 2.0 is still an ongoing process, the situation is a bit of a mess right now where each authorization server is implementing different revisions with subtle differences.

This is where this book comes in. In about 60-70 pages it clarifies the current situation. It starts providing a historical introduction to the protocol and how it's related with initiatives pre-OAuth 1.0 and with OAuth 1.0 itself (removal of proprietary technologies, improved security). You'll learn the rationale behind this revision (new client profiles in particular) and some of the key features still under discussion. In particular "signatures", where Eran Hammer, the protocol editor, is openly opposed to not including them (and after reading his thoughts, I think he's right).

One chapter I specially loved is the one dedicated to OpenID Connect, the next evolution of OpenId. I've seen developers confused about the differences between OAuth (authorization) and OpenID (authentication) and this book differentiates them well. Interestingly, although they still keep different purposes, the new OpenID Connect will now be developed on top of OAuth-which makes sense, as you'll find out in the book.

The code accompanying the text is just fine. You'll see some actual implementations of the workflow in PHP and JavaScript that are easy to read (even a Google App Engine Python at the end - which I appreciate).
Read more ›
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
9 of 10 people found the following review helpful By Mark L. on April 11, 2012
Format: Paperback
Getting Started with OAuth 2.0 by Ryan Boyd is a small book that provides a fair introduction to OAuth 2.0. I think it does a great job at explaining the fundamentals and has a good structure in covering the various applications flows: server-side, client-side, resource owner password, and client credentials. However, even though it's a short book, I find it a bit too verbose for the material covered. It also tries to be helpful in providing tips, recommendations, and the idiosyncrasies of Google's and Facebook's implementations, all scattered throughout the text, which unfortunately is a distraction.

I'd recommend this book if you are new to OAuth and want to read it on a flight. Otherwise, there are online resources that are just as useful. For example, Google's Using OAuth 2.0 to Access Google APIs seems to cover almost as much content as this book.
2 Comments Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
4 of 4 people found the following review helpful By Cartoon Head on July 23, 2013
Format: Paperback Verified Purchase
First, be aware that this book is just 1/8" thick and 66 pages (of which maybe 50 pages are actual content). I mention that because there are books double this price point that contain 600+ pages of actual content. As value goes, the relative price for this book should be closer to $10 or less.

If you are new to this concept, you will still be confused after reading this. The author is not a good teacher, and the presentation style is very formal and technical. The diagrams are not really useful. You can definitely tell this was written by a highly technical person.

The examples are written in PHP. If you use a different language (VS C# or VB), you'll need to translate it on your own.

Most of the information in this book can be found online in the exact same technical format.

I already knew some things about OAuth and just needed a refreshed, so I got what I needed from it. But a "Getting Started" book should be a lot clearer and easier for anyone (with NO experience in the topic) to read and pick up the concepts quickly. This book fails in that regard.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
1 of 1 people found the following review helpful By R. Pokkyarath on November 10, 2012
Format: Paperback
A great book for client side developers. The flows--server side web application, implicit grant, 2 legged, mobile, OpenID Connect--are explained in easy to understand PHP and JS snippets. As some of the other reviewers have pointed out, if you are looking for a server side implementation, then this book won't help; in that case you may want to directly head over to the specs (1 & 2) and actually they aren't that bad (am currently going through 5849 to get a historical perspective and better understand the disagreements expressed by Eran Hammer and I'm finding it to be pretty well written)
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Kindle Edition Verified Purchase
The book is good !!! The details of different sections i.e. security, cashing etc are covered correctly but precise. It would be even better if the details covered could have little descriptive with examples and code snippets (in either of language). I felt, few key terms like etag and gzip (used commonly) should be more descriptive. My overall review is good to those starting up on OAuth. If the intentions of Ryan were to get introduced with main concepts by this book, this book just did it.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
Format: Kindle Edition Verified Purchase
If you want the same information, you can simply read the spec (for example, here: [...])... So far as I can tell, the diagrams are even taken directly from the RFC and prettied up.

Still - this book wades through a lot of the technical jargon and extracts the more mainstream and interesting bits. It also provides good example code for implementing some of the flows (using PHP) which is handy for seeing the protocol in practice.

Overall, I feel that this is an excellent 'getting started' book and would recommend it for anyone wrestling with the various SSO solutions.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews


What Other Items Do Customers Buy After Viewing This Item?