After waiting for more than two years, Twitter has finally enabled support for oAuth to all developers using its API. It’s a great move and it’s a win-win situation both for the developers and also for Twitter users. Going forward, the Twitter third-party developers need not ask Twitter users for their username and password.
For the uninitiated, oAuth is an open protocol for online authentication. It enables a user who stores information such as a password on a particular Web site to then authorize yet another site to access that data, all the while not sharing the user’s identity with that site.
To give you a real-world non-technical example, it is like a car valet key, given to a parking assistant. Valet key unlike the original key, will have lot of restrictions like you cannot drive beyond few kilometers or cannot go beyond a particular speed etc.
In a similar move, WordPress 2.8 will also enable support for oAuth. Will Norris, has published an article explaining how oAuth is planned to be implemented in WordPress 2.8. There are yet some limitations (oAuth libraries need PHP5) but it’s a great start.
If you are a WordPress Plugin author of any Plugin that hooks into authentication then you may have to change your Plugin code to support oAuth.
I am really excited about the support for oAuth in Twitter and WordPress. I need to play with them a little once I get some free time. 🙂