Idea: client-side Oauth

You know how you can log into Github through Google, that is, into one web site by cross-authentication with another? That’s OAuth.

OAuth is a web thing. It lets you log in on a site for which you lack a password by asking a third party site to vouch for you.

What if you could do the same for client-side apps, ones which run on your own machine, never popping out to the cloud?

This idea came to me just now when the Chrome browser asked me to sign in to Goodreads, even though I am already signed in on Firefox. What Chrome could do is bounce me over to Firefox for an OAuth-like interaction.

This could also be super valuable as an API between password managers and desktop apps which require a password, like Slack. You sign into your password manager, and from then on a sign-in to another app can bump you to your password manager.

I’m sure it’s possible. I imagine a light variant or modest extension of OAuth would do the job.

Leave a Reply

Your email address will not be published. Required fields are marked *