Google is shutting down OAuth 1.0 on 20 April 2015. My project was previously using oauth 1.0, So I have updated code and used OAuth 2.0
Now I want to know when OAuth 2.0 will be shutdown. I came across the url Using OAuth 2.0 for Login (early version)
Which saying the "Google has deprecated the early implementation of OAuth 2.0", So did they end up current OAuth 2.0 version?
OAuth can be used for authentication (knowing who the user is), and authorization (accessing data on behalf of the user).
The open standard for doing authentication with OAuth 2.0 is OpenID Connect, which Google supports. The old document titled "OAuth 2.0 for Login (Early version)" referred to an earlier recommendation for how to authenticate users using OAuth 2.0, before OpenID Connect existed. So the only thing deprecated in that doc was this old authentication pattern, in favor of the final, standardized implementation of OpenID Connect. As long as you use OAuth 2.0, and OpenID Connect – you're fine.
In short, it is safe to use OAuth 2.0 to access data on behalf of users, and the final version of OpenID Connect to authenticate users. The industry is standardizing around these two protocols, and you should be safe using them for some time to come. You can read a recent announcement by the OpenID Foundation that included Google as one of the leading proponents of OpenID Connect (and OpenID Connect depends on OAuth 2.0).
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With