Thursday, October 21, 2010

What about OAuth? Gesundheit!

I volunteer some of my time to serve as a board member for the the Educational Foundation of the PDMA. Our product for facilitating business education is still in preliminary development, but it is coming along nicely. There are security and privacy concerns which complicate what we are trying to do, so we are investigating existing solutions.
  • OAuth - One approach I hope we take with privacy is to limit the amount of private data we store. We still want to have access to people's social media, so for that we should use OAuth. OAuth allows a site to access private data without having to reveal your password to the site. My understanding of OAuth does not extend much beyond the introduction of a beginner's guide, but Twitter, Facebook, and Google all have OAuth interfaces.
  • Open Social - Open Social is Google's suggested (and open) API for web services. I do not think we will be creating web services, but we should definitely follow this if we do.
  • Friend Connect - Google's social overlay for sites. Unfortunately, it doesn't seem to have legs. Sometime soon Google will make an announcement about social that will either replace or revamp this.
  • Facebook Connect - Our website uses Drupal for its content management system. A plugin exists for putting Facebook Connect on a Drupal site. Facebook Connect is basically Facebook's version of Friend Connect.
  • PayPal - I have generally stayed away from this site because when it first started it had some privacy/security issues. They seem to have ironed them out now and are a very easy resource for setting up payments.
Any other neat technologies I should take a look at? Anything I should stay away from?