This session will outline what OAuth is, why it is important and how to write an OAuth client to an existing web API. Attendees are assumed to have some web development experience.

This is a joint event with the BCS Hampshire Branch, BCS Open Source SG and Solent University. Free and open to both BCS and Non-BCS Members, but please booking required as limited numbers.

One key element of web security is trust. Do you really want to give away your login credentials to any website, without knowing about its security standards? Probably not. OAuth is a protocol which allows users to grant client applications the right to carry out operations on their behalf with larger web services and APIs (providers), without the client application ever knowing their credentials. This is done by the user logging into the provider, which then issues a token to the client app to carry out operations on the user’s behalf. In this way, the client app, which may not have such strong security as the provider, need never know the user’s credentials.

This session will give a high-level overview of how OAuth works and will cover how to develop a web-based OAuth client, with an accompanying hands-on practical exercise.

Attendees are expected to have some server-side web development experience and should have basic command-line skills.

Dr. Nick Whitelegg is a senior lecturer in Computing at Southampton Solent University and teaches on a range of undergraduate software development courses including Android and web development. He has contributed software and data to the OpenStreetMap mapping project and has developed an open source mapping site and associated tools for walkers.