by Christian Scholz on April 25, 2008
One step in the right direction is done by Google now by supporting OAuth as an alternative to their proprietary Google AuthSub for the Google Contacts API. According to this post on the OAuth mailing list the plan is to deploy OAuth for all the Google Data APIs.
This is very good news for having a standardized way for accessing web services without asking the user for their username and password. This of course is also good news for DataPortability as OAuth is one of those parts which we would like to see embraced. And after all the goal for OAuth was to get rid of all those proprietary auth protocols from Google, Yahoo, flickr et. al., so this is a good sign that this really is happening.
For the uninitiiated: OAuth is similar to what flickr does when some external service wants to get access to your photos. It redirects you to the site, the site then asks you to login and to confirm that this external service should be allowed to access these services. So you don’t need to give your password to any external service as they delegate the decision to the original service. So no more need to give out your GMail username/password with the Google Contacts API (and other similar services).
So cheers to Google!