Others have made such great explanations as to what OAuth is and what it does like Eran Hammer-Lahav’s post so I won’t repeat it.

I will say that OAuth should make the Internet a little bit safer by giving the technical means to remove the need of a certain service asking the user to give his/her username and password to access another service that that user is also using.

OAuth is to credentials delegation what OpenID is to authentication. An open standard for delegating a user’s credentials between services, the same way OpenID is an open standard for authentication.

It is important to note, however, that OAuth is not limited to be used with OpenID only. It CAN be used with ANY authentication scheme both open and proprietary.

After all, some of the main mantras of OAuth were that we don’t want to reinvent the wheel(s) and we want OAuth to play nicely with everyone.

I’m contributing to the working group of OAuth and we just released the first public draft for OAuth 1.0. Take a look, read the spec and share your thoughts and comments with us!

OAuth – another brick in the open standards wall of authentication, credentials delegations and ultimately identity.