This article was first published on Chainlink
OAuth is a popular form of API authentication and authorization that allows users to access different websites and applications without sharing their credentials. At first, it might seem difficult to get data from an external, Web2 service like OAuth into our blockchain smart contracts. However, Chainlink external adapters make it easy to perform difficult computation off-chain, and it’s no different with API authentication like OAuth. External adapters make it possible to use OAuth to access more secure external data sources and easily interact with them from our smart contracts on-chain. We can call these secure APIs from our Solidity or other smart contracts to access multiple services that have this high level of security. In this post, we’ll walk through an example of a Reddit external adapter.
What is OAuth?
When interacting with the internet, you often have to prove who you are in order to access data. The simplest way to prove who you are is with usernames and passwords. This is known as password or basic authentication methodology. However, we could think of another way to prove online that we are who we claim to be in the real world, like having someone else vouch for us. This is basically OAuth: it’s a form of delegated token authentication, meaning one party grants authentication to another.
OAuth works when two parties engage a trusted third party to prove who the identity of one of them via a provided digital token.
Let’s say Bob wants to get data from Alice, but doesn’t want to give Alice his password or tell her who he is. Bob and Alice are both friends with Margaret. Margaret tells Bob that she can give him a temporary token to give to Alice to get his data, and Alice doesn’t need Bob’s name or any ...
To keep reading, please go to the original article at: