What is better for ASP.NET MVC REST API? OAuth 2.0 or OAuth 1.0?

Question

What is better for ASP.NET MVC REST API? OAuth 2.0 or OAuth 1.0?

We create a REST API using ASP.NET MVC. This API is basically the same as the Factual v3 API. They use two-legged Oauth 1 for their API. Our design is very similar to these applications, primarily the mobile will use our API behind the scenes to provide the service. The end user of the application will not know about our API and therefore will not have any credentials. Therefore, redirecting a user through a browser window to an auth form (e.g. facebook) makes no sense. My questions...

Why is OAuth2 flow best used in this scenario?
Should we use Oauth2 or just stick with two-way OAuth 1?

For reference, we use C # /. NET, ASP.NET MVC 3 and plan to use DotNetOpenAuth v4.

http://developer.factual.com/display/docs/Factual+Developer+APIs+Version+3

+5

rest api asp.net-mvc oauth-2.0 dotnetopenauth

craigtadlock Feb 09 '12 at 20:52

source share

2 answers

: http://community.codesmithtools.com/CodeSmith_Community/b/tdupont/archive/2011/03/18/oauth-2-0-for-mvc-two-legged-implementation.aspx

0

Bogdan Nicolau 10 . '12 16:21

Andrew Arnott · Accepted Answer · 2012-02-11T23:56:22+0000

Why is OAuth2 flow best used in this scenario?

It's not obligatory. OAuth 2 is an incomplete specification. If you need maximum compatibility, OAuth 1.0 is the best choice (for now). OAuth 2 is easier for the client, due to significantly greater complexity on the server.

Should we use OAuth2 or just stick with two-way OAuth 1?

, , . , DotNetOpenAuth, OAuth 1.0 , OAuth 2.0 , , , .

What is better for ASP.NET MVC REST API? OAuth 2.0 or OAuth 1.0?

More articles: