The Latest News On The API Economy
Searching: No Search Term , Filtered By Category: "Security", Category: "Domains", Category: "Hosting"
OpenID holds much promise as a means of supporting a single digital identity that can be used across the Internet. Currently there are several types of OpenID identity providers out there, and several of the major players on the web, including AOL, Microsoft, Google, and Yahoo!, have committed to become OpenID providers as well. While there is some concern about the 'Balkanization' of OpenID by these service providers (essentially the concern is over the fact that service providers will only provide OpenIDs and subsequently they will not become consumers of OpenIDs from other providers), the positive side of this adoption is that hundreds of millions of existing user accounts can now be used as OpenIDs.
Yahoo! has announced the rollout of some limited tests for OpenID's Simple Registration specification. If you're not familiar with OpenID, it's an innovative way for handling user authentication that provides a free and easy way to use a single digital identity across the Internet.
A wide array of content and functionality has been incorporated into the ever-growing number of mashups out on the web today. From enterprise mashups to proof-of-concept hacks, developers and would be developers are leveraging the power of mashups to provide information in new and compelling ways. Mashups are still a relatively new phenomena, and as this new type of online application evolves it will become increasingly more important to ensure that your mashup adheres to a variety of best practices. Summarized below are five key best practices that you should strive to use in the development of your mashup.
What happens when the API is technically secure but the environment, whether widget, web site or mashup, is not? Recent security breaches in MySpace and Yahoo, which led to the release of semi-embarrassing photos of prolific celebs Paris Hilton and Lindsay Lohan, points out the added opportunities for hackers in the open web.
Standardization, or lack thereof, around identity, authentication and authorization for open web APIs is one of the greatest challenges to mashup application developers today. So it's quite notable that Google not only just quietly added OAuth support to their Google Contacts API but also stated that "This is our first step towards OAuth enabling all Google Data APIs."