Tutorial :What is meant by two legged authentication?


What is meant by two legged authentication? Where and how it is used in programming?


Good point, this is the post that I put my presentation from here.

Two legged Authentication

Two legged authentication means that there are only two parties involved in the authentication process. The first step is to make a Create a User’s OAuth Token request by signing the request as described in the OAuth Consumer Request Specification. Please note that the OAuth Consumer Key provided in this request MUST be associated with an account that the User is a member of.

The main advantage of 2 legged authentication is that the user experience is seamless since no additional User interactions are required to initiate an API session. The disadvantage of this method is that the Consumer must have access to a valid set of OAuth Consumer credentials (key and secret) for the User’s Account. A User should NEVER reveal their Account Consumer Key/Secret to a 3rd party, making this type of authentication only appropriate when the Account holder and Consumer are of the same entity.

Also read here to learn about Oauth.


2-legged seems to be used in the OAuth context. It means there are two parties involved in the OAuth.

For more information, see 2-legged OAuth for the OpenSocial REST API and the earlier Stack Overflow question Two-legged OAuth - looking for information.

Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Next Post »