Progress on the API has been much faster than I expected. After a week’s worth of work, we have a fully functioning OAuth provider and a few JSON response API methods ready to go. Before we go too far, though, I’d like to get some feedback on the basic OAuth workflow.
OAuth is a standard workflow for managing third-party applications that want to access resources on behalf of a user. Facebook, Twitter, LinkedIn, Netflix, and a whole slew of other websites have started using OAuth for exactly what we’re trying to do here on Obsidian Portal. Considering that there is a lot of library support (PHP, Ruby, Flash, .NET, etc) for OAuth, it seems like a good way to go.
Unfortunately, OAuth is significantly more complicated than other, simpler authentication methods. It requires a special procedure to authenticate the user, plus each API request must be signed with a special algorithm. What we’d like is some initial feedback on whether it’s accessible enough and works for the developer community.
If you’re interested in taking the totally unstable, soon-to-change alpha version of the API out for a spin, check out the overview page, then create an application. Giv the OAuth signup workflow a shot, and let me know what you think in the forum thread.
So what’s in it for you? Well, I’m giving priority to feature requests from people actively playing with the API. If there’s something you want to do, and data you need, then start playing around and tell me what’s missing. If I can add it easily, I will. Of course, everything is likely to change a bit in the coming weeks, but we have to start somewhere.