top | item 6975752

Poll: OAuth 1.0a or OAuth 2.0 in a Docker container?

15 points| thyb | 12 years ago | reply

We are working on creating a Docker container that makes it easy to become an OAuth provider.

What would you prefer for your apps and why: OAuth 1.0a, OAuth 2.0 or some other protocol?

If you want some other protocol, please add it in the comments

Disclosure : I'm the creator of the open source daemon oauthd and founder of oauth.io.

5 comments

[+] midhem|12 years ago|reply

Why not both? Big companies may prefer 1.0a for security and startups OAuth2.0 for flexibility about permissions and growth with easier integration by partners

[+] pan69|12 years ago|reply

I agree with this. For a Docker container to be valuable to companies (i.e. willing to pay money for it, I assume that's the goal), it should support both.

How are you planning to integrate the Docker container with the business authentication/authorization? LDAP?

[+] nailer|12 years ago|reply

OAuth1's /ridiculously/ complex.

OAuth2 fits in a tweet: get a login URL, user visits it, redirects back to you with an auth code, swap it for an access token.

Out of the major players:

- Google, Microsoft, Facebook, Instagram uses OAuth2.

- Only Twitter uses OAuth 1.

[+] pan69|12 years ago|reply

> OAuth1's /ridiculously/ complex.

That's way a Docker container that does it for you would be so valuable.