With vulnerabilities recently surfacing in the OAuth implementations of popular service providers like Yammer, Instagram and Facebook, it’s hard to blame anyone for getting the impression that there are fundamental security flaws in the OAuth protocol.
Francois Lascelles, Chief Architect at Layer7, answered OAuth questions live, discussed the common security mistakes made in OAuth implementations and explain how to mitigate common threats.