• Hewlett Packard
  • Microsoft
  • Salesforce.com
  • eBay
  • Amazon Web Services
  • Conduit
  • Curl
  • EMC Corporation
  • Force10 Networks
  • Intuit Quickbase
  • Keynote Systems
  • LiveWorld
  • NeuStar
  • ONEsite
  • OpSource
  • S60
  • Sun Microsystems
  • Acquia
  • Ascentium
  • awareness
  • BlueArc
  • Coradiant
  • Dixero
  • HiveLive, Inc.
  • Intel
  • Jive Software
  • Kablink
  • Kapow Technologies
  • LithiumTechnologies
  • Mzinga
  • Octopz
  • Panther Express
  • RightScale
  • SynthaSite
  • TripAdvisor
  • WebAsyst LLC
  • XBOSoft
  • ACM Queue
  • Backbone Magazine
  • Berlin Partner
  • CenterNetworks
  • Contentinople
  • Deal
  • Dr. Dobbs
  • Enterprise Technology Management
  • Fast Company
  • I Want Media
  • ITtoolbox
  • Mashable
  • MSDN Magazine
  • Next New Networks
  • PR Newswire
  • ProgrammableWeb
  • SitePoint
  • Slashdot
  • Social Media Today
  • SourceForge.net
  • TechCrunch
  • TechNet
  • Technorati
  • Topix
  • Webgrrls
  • Wired
  • WOW

Sponsor & Exhibitor Opportunities

Kelly Stewart

Media Sponsor Opportunities

Matthew Balthazor
(949) 223-3628
Deadline for requests: July 1

Speaker / Program Ideas

Have a suggestion for a speaker or topic at Web 2.0 Expo New York? Send an email to: ny-idea@web2expo.com

Press/Media Inquiries

Maureen Jennings
(707) 827-7083
Natalia Wodecki

Contact Us

View a complete list of Web 2.0 Expo contacts.

Advanced OAuth Wrangling

4:10pm Thursday, 09/18/2008
Topic: Development
Location: 1A08 & 10

OAuth is poised to be one of the most important new standards in 2008 for anyone building with identity, social platforms, or APIs. A simple standardization of delegated token auth, OAuth makes it straightforward to offer and consume APIs for a class of data under represented in the current set of API offerings — data about people, data that people want to keep private, and identity itself.

Since we published the OAuth 1.0 Core standard (Nov. 2007), Google, Yahoo!, MySpace, Twitter, Digg, Pownce, Hyves, and many more have all announced their support. In 2008, if you want to mashup a person’s Digg history, their Google friends, their favorite photos on Flickr, and send it to Twitter, or any variation thereof, you’ll be using OAuth.

So you’re interested. Now its time to take the next step.

This talk covers why we designed OAuth the way we did, why it works, when it works, and when it doesn’t. And more importantly, how to make OAuth work for you and your project.

Using real world examples from our experience running OAuth predecessor Flickr Auth, the OAuth standardization process, and work on the new FireEagle API from Yahoo!, the talk will cover:

  • How to use OAuth in a mobile environment
  • How OAuth is useful for open source tools
  • How to adapting existing APIs to use OAuth
  • Security considerations, and implications
  • How to extend and adapt the OAuth specification to your needs

Bring your own OAuth questions, troublesome API, and architecture puzzlers, and we’ll see if we can wrangle those as well.

Photo of Kellan Elliott-McCrea

Kellan Elliott-McCrea

Blink Health

Kellan works as a Hackr on Flickr’s pioneering approaches to engineering the social. He co-authored the OAuth 1.0 Core specification as the first step towards organizing a mass data jail break, and radical decentralization.