Many of you may have already seen our forum post from October 14, 2009 talking about how Yahoo! is retiring the use of the pre-Rev A OAuth flow for its APIs and services.
Why are we retiring pre-Rev A OAuth?
There was a security vulnerability found within pre-Rev A OAuth early this year. The new OAuth 1.0 A revision has been put into place to repair these vulnerabilities.
For full details on this, please see the original postings:
- YDN Forum Post: http://developer.yahoo.net/forum/index.php?showtopic=1263
- YDN Blog Post: developer.yahoo.net/blog/archives/2009/04/oauth_update.html
Am I affected? Where do I find more information?
Yahoo! has set up a few sources to find information about this migration. If you have questions about the services that are affected, how this might impact you, or full details about how to migrate to the new version, see the following resources:
- OAuth Security Issue FAQ: developer.yahoo.com/oauth/faq/
- OAuth Quick Start Guide: