Saturday, January 09, 2010


OAuth WRAP (Web Resource Authorization Protocol) - a simplified version of OAuth. OAuth WRAP is not much different than OAuth except that a client only has to pass the Access Token in the HTTP Authorization header, so it completely eliminates the need for signatures. All server-to-server WRAP calls happen via SSL.
I think it is a future of OAuth. The current spec is not very usable, especially for the mobile services. With WRAP there is no need for the special libraries.

No comments: