Over the past week there’s been a variety of incorrect information shared about what’s going on with the OAuth protocol. Chris Messina (Google), Dick Hardt (Microsoft), Eran Hammer-Lahav (Yahoo!), and I (Facebook) wrote this post to help provide a bit more clarity. The OAuth protocol enables users to provide third-party access to their web resources without sharing their passwords; kind of like a
![What's going on with OAuth? - O'Reilly Radar](https://cdn-ak-scissors.b.st-hatena.com/image/square/2f86c9e919284b5e0f1ac04a7374b8a7be8add51/height=288;version=1;width=512/http%3A%2F%2Fs.radar.oreilly.com%2F2010%2F01%2F07%2FOAuth-Shine-148.jpg)