[erlang-questions] Identity and Access Management in Erlang (à la Amazon AWS)

Zabrane Mickael <>
Sun Dec 16 17:11:55 CET 2012


Seems like OAuth2 is weak:
http://www.infoq.com/news/2010/09/oauth2-bad-for-web

Regards,
Zabrane

On Dec 16, 2012, at 12:40 PM, Zabrane Mickael wrote:

> Hi Antoine,
> 
>> Isn't this  oauth ?
> 
> Was suspecting OAuth, but not sure at all.
> 
>> There are implementations on github search for erlang oauth.
> 
> Found multiple ones:
> https://github.com/tim/erlang-oauth (Zotonic is using this, so it should be the one to pick).
> https://github.com/opscode/erlang-oauth
> 
> https://github.com/kivra/oauth2 (<-- OAuth2)
> https://github.com/kivra/oauth2_client
> 
> https://github.com/JLarky/erlang-oauth-2.0
> 
> Suggestions?
> 
>> Hope this helps :-)
> 
> Can someone more experienced in "security" confirm that AMAZON is using OAuth please?
> If yes, should I use OAuth or OAuth2? I'm bit lost.
> 
> Regards,
> Zabrane
> 
>> On Saturday, December 15, 2012, Zabrane Mickael wrote:
>> Hi guys,
>> 
>> I'm looking for an "Identity and Access Management" Erlang API similar to what Amazon offers around the AWS services.
>> With AWS, you (only) need:
>> AWS_ACCESS_KEY_ID
>> AWS_SECRET_ACCESS_KEY
>> 
>> The idea is to offer our customers a secure access to a bunch of services (similar to AWS).
>> 
>> Any Erlang project which already handle this? Hints on how implement such an API?
>> Help much appreciated.
>> 
>> Regards,
>> /Z
>> 
>> _______________________________________________
>> erlang-questions mailing list
>> 
>> http://erlang.org/mailman/listinfo/erlang-questions

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20121216/115020e9/attachment.html>


More information about the erlang-questions mailing list