Site icon API Security Blog

OAuth is a magical loophole that completely relieves you of the burden of having to remember ten thousand passwords.

Through this magic, instead of creating an account on every website and password combination imaginable, all your logins are provided by another provider’s credentials (for example, Facebook or Google).

It’s been reported as one way for users’ accounts to be stolen even with strong security measures in place. So it might be wise to go ahead and delegate responsibility for authorizing these connections.

Tokens are a type of key that an API provider and consumer share to identify the individual. It is advantageous for both parties
https://t.co/TStRyfEVtK

Exit mobile version