Using OAuth to Authorize External Applications

My article on OAuth went up yesterday on developer.force.com (thanks Jon!). It seems like OAuth is gaining adoption so I hope the article comes in handy for people developing applications for Salesforce.com. I'm currently working on another article for the Force.com Web Services Connector (WSC).


"Force.com lets you build external web applications that access data on the Force.com platform using the Oauth 1.0a protocol. OAuth is an open protocol that allows a website to access resources of another website without having to expose a user's credentials. Instead of supplying a username and password, OAuth allows users to hand out security tokens to specific sites for access to specific resources for a defined duration.

In this article we'll explain what OAuth is and why you should use it. We'll also configure a Remote Access Application in Force.com, and develop an application on Google App Engine that uses a Remote Access Application to authorize access to Force.com to display account and contact records. Finally, we'll look at some tips, tricks, available libraries and best practices to get you up and running in no time."

Read the entires article at developer.force.com

All of the code for the application is available at the Google Code project: sfdc-oauth-demo