Welcome to WebmasterWorld Guest from

Forum Moderators: open

Message Too Old, No Replies

Yahoo API OAuth Potential Security Issue



4:51 pm on Apr 23, 2009 (gmt 0)

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month

Yahoo API OAuth Potential Security Issue [developer.yahoo.net]
As you may know, several Yahoo! APIs use OAuth, an open standard that lets users give a service permission to access the information theyve stored with a third-party website without exposing their password and account information. The Yahoo! APIs that leverage OAuth include our Y!OS Social Directory, Contacts, Status, and Updates APIs, as well as Fire Eagle.

Recently, the folks at OAuth let us know about a potential security issue within the protocol. At Yahoo! we take the security and privacy of our users very seriously, and so for the time being weve disabled the ability for users to authorize new applications via OAuth. Applications that have already been authorized will not be affected.

We recognize the impact this has on you as developers and appreciate your patience. Were continuing to evaluate the best way to move forward and are actively working with the OAuth community to resolve the issue.


10:21 pm on Apr 23, 2009 (gmt 0)

10+ Year Member

And this is why Twitter also disabled it?

Featured Threads

Hot Threads This Week

Hot Threads This Month