0

Understanding YQL Open Data Tables that use oAuth

I'm new to YQL and oAuth but I've spent quite a bit of time going through all the YDN documentation on both subjects. I just want to clarify my understanding of using a YQL Open Data Table (that also requires oAuth) through the YQL private url.

If I want to use the Facebook Open Data Table FQL call for example I would have to first present my user with a browser window that lets them authorize my application with their Yahoo account (this is just because I want to use the private YQL url, not because I want to access their private data, necessarily). Then I would also have to pop open another browser window that authorizes my application with their Facebook account, that way I can pass the Facebook key I need (fb_sig_session_key) is that correct?

If I have an application that (to the end user has nothing to do with Yahoo), it seems like it would be a cumbersome process to present a Yahoo account authorization window and then a Facebook authorization window on top of whatever they needed to login to my app in the first place. If I understand things correctly I *could* also use the public YQL url and then only present the browser window for Facebook's oAuth session, but that would drastically limit the number of calls I would make through YQL.

Is all the correct or am I missing something?

by
1 Reply
  • QUOTE (rawberg @ Mar 4 2010, 03:50 PM) <{POST_SNAPBACK}>
    I'm new to YQL and oAuth but I've spent quite a bit of time going through all the YDN documentation on both subjects. I just want to clarify my understanding of using a YQL Open Data Table (that also requires oAuth) through the YQL private url.

    If I want to use the Facebook Open Data Table FQL call for example I would have to first present my user with a browser window that lets them authorize my application with their Yahoo account (this is just because I want to use the private YQL url, not because I want to access their private data, necessarily). Then I would also have to pop open another browser window that authorizes my application with their Facebook account, that way I can pass the Facebook key I need (fb_sig_session_key) is that correct?

    If I have an application that (to the end user has nothing to do with Yahoo), it seems like it would be a cumbersome process to present a Yahoo account authorization window and then a Facebook authorization window on top of whatever they needed to login to my app in the first place. If I understand things correctly I *could* also use the public YQL url and then only present the browser window for Facebook's oAuth session, but that would drastically limit the number of calls I would make through YQL.

    Is all the correct or am I missing something?


    If you send your request to YQL using 2 legged OAuth then your calls will have the same number of limits as the 3 legged ones. Since 2 legged oauth only tells YQL about your particular consumer key and secret there is no need for a browser bounce to achieve this. You can directly sign a request w/ the YDN consumer key and secret.

    -- Nagesh
    0

Recent Posts

in YQL