Home

OpenAuth Overview

Enable the Subscriptions block here!

What it is:

The AOL Open Authentication API (OpenAuth) empowers third-party web sites and applications to authenticate AOL and AIM users through their Web Sites/Applications. An AIM or AOL-registered user can now log into a third-party Web Site/Application and seamlessly access AOL services or new services built on top of AOL services. Using the AOL Open Authentication API, external Web Sites/Applications can call AOL's Secure Login Page and get an Authentication Token once they receive permission via AOL's Secure Consent Page. Then they can use the Token to access AOL/AIM Open Web Services.

In the typical usage illustrated below, the AIM/AOL member successfully accesses his/her Buddy List directly through the external site once all the appropriate handshakes and validations have occurred between the user, the external site, OpenAuth API, and AOL's backend. In other words, now third-party implementations can securely offer cool new applications and services to a vastly expanded base of users.



OpenAuth Sample Interaction Flow

What it does:

The AOL Open Authentication API (OpenAuth) can be used by a Web Site/Application to

  • use AOL's Identity based Open Services (ex. Web AIM)
  • provide personalized services (using AOL Services or not) to millions of AOL/AIM Users

To the end users, the AOL OpenAuth API provides

  • Secure way to SignIn
    • User's credentials are never exposed to the Web Sites/Applications the user is Signing into
  • Secure way to control which Sites are allowed to read their private/protected content
    • Permissions are not granted automatically (unless they select "Allow Always" on the Consent Page)
    • User is asked for consent whenever the Web Site/Application tries to read any private/protected content
    • Ex. separate consent requests to allow BuddyList Info, to send IM, to read albums, etc..
  • Access to other non AOL web sites without the need to create a new user account at each of them that support AOL OpenAuth APIs.

As a developer you would be able to build great Web Applications in less time without worry about maintaining your own Identity Management Systems.

» Submitted by Developer Network on April 16, 2007 - 7:24am.