The Signpost

Technology report

OAuth: future of user-designed tools

Interface a user sees when granting permission for an application to access their account

Last month, the OAuth extension was deployed to all Wikimedia wikis. OAuth is a standard used for allowing users to authenticate third-party applications, also known as consumers, to take actions on their behalf.

In the past, tools were forced to use systems like TUSC to authenticate users, or store a separate authentication database like UTRS. Now, these applications can take actions using your account without you having to give them your password. For example, you can use the CropTool tool to crop an image on Commons, and the cropped image will be uploaded using your own account with a tag showing that CropTool was used.

Instructions for getting your application set up to use OAuth can be found on mediawiki.org. Currently Dan Garry, the product manager for OAuth, is approving each application before it can be used. That role will transition over to the Stewards after the guidelines for OAuth consumers, which are currently being drafted, are finalised.

More information:

In brief

Not all fixes may have gone live to WMF sites at the time of writing; some may not be scheduled to go live for several weeks.


















Wikipedia:Wikipedia Signpost/2013-12-25/Technology_report