OAuth2 is the open industry-standard protocol for secure authorization of Web APIs. It can be used as a way for users to grant web services or applications access to their data stored in 玩嘉电竞下载注册 and the new generation of 玩嘉电竞下载注册 Clients (Desktop/Android/iOS) fully supports OAuth2-based authorization. The use of OAuth2 in 玩嘉电竞下载注册 greatly enhances security while facilitating the integration of third party applications or web services.
Brought to You by the Community
A student project at the University of Münster kicked this off: Students wanted to connect their 玩嘉电竞下载注册, powered by sciebo , to the Moodle learning platform. This awesome community project was later adopted, professionalized and stabilized by 玩嘉电竞下载注册 engineers.
What Is OAuth2 Good For?
There are several use cases in 玩嘉电竞下载注册 for the OAuth2 implementation:
First of all, with OAuth2 you can c onnect 玩嘉电竞下载注册 clients (Desktop, Android, iOS) through a standardized and secure authorization flow. This enables on the one hand that clients or third party applications never get to know a user’s actual login credentials but automatically get a separate « password » or token, respectively.
On the other hand such application-specific tokens can be revoked selectively enabling users to disconnect their authorized clients. When e.g. a device is lost, no passwords can be extracted from it and access to an 玩嘉电竞下载注册 account can easily be revoked for this particular device by the user in self-service using 玩嘉电竞下载注册’s web interface.
Apart from that, OAuth2 provides a user authorization interface for developers to facilitate the integration of 玩嘉电竞下载注册 in third party applications – this extends the possibilities for secure integration of 玩嘉电竞下载注册 with other applications.
That the authentication is now handled by the server makes integration of identity management services (SAML/SSO) easier, as clients just need to be authorized by the server. Previously all clients had to handle the whole authentication process themselves.
What Could OAuth2 Be Used for in the Future?
Future support of various authentication protocols in 玩嘉电竞下载注册 is highly facilitated as it can now be handled entirely by server-side implementations. Clients are authorized independently via OAuth2.
OAuth2 also introduces new possibilities for access control: In the future you will be able to use granular device- and application-specific access controls within an 玩嘉电竞下载注册 account via OAuth Scopes.
If you want your phone to only interact with files while other API endpoints (e.g. user management for administrator accounts) are only accessible using the « real » user credentials, you will be able to define access rights associated with applications. Furthermore read-only clients and even application-specific folder permissions (e.g. certain folders can’t be accessed via clients) are great use cases that can be realized based on OAuth2.
How to Start Using OAuth2
OAuth2 is designed to be the new default way of connecting clients to an 玩嘉电竞下载注册 Server (basic authentication will still be possible for legacy WebDAV clients or when an 玩嘉电竞下载注册 Server does not support OAuth2). It’s easy, seamless and the most secure method ever:
To connect the 玩嘉电竞下载注册 clients you need a server which has the OAuth2 app installed and enabled. If this is the case, you can just open your 玩嘉电竞下载注册 client, enter the address of your 玩嘉电竞下载注册 and connect. Next the web view opens your 玩嘉电竞下载注册 login page.
Now you have to enter your credentials and authorize the application. The 玩嘉电竞下载注册 Server provides unique tokens (access and refresh tokens) to the client, so the client is authorized to start its operations.
Having completed this quick process an 玩嘉电竞下载注册 client is connected instantly and operates as usual.
Platform Feature Status
- OAuth2 v0.2 server-side (requires 玩嘉电竞下载注册 Server 10.0.3 or later) released to 玩嘉电竞下载注册 Marketplace ( https://marketplace.owncloud.com/apps/oauth2 )
- 玩嘉电竞下载注册 Android App with OAuth2 support since version 2.5.0
-
玩嘉电竞下载注册 iOS App with OAuth2 support since version 3.7.0
-
玩嘉电竞下载注册 Desktop client with OAuth2 support since version 2.4.0
We recommend using OAuth2 for all 玩嘉电竞下载注册 installations to make users’ lives easier and more secure.
