[OAUTH-WG] OAuth 2.0 UI/UX Resources?

Daniel Roesler <daniel@utilityapi.com> Wed, 03 July 2019 14:26 UTC

From: Daniel Roesler <daniel@utilityapi.com>
Date: Wed, 03 Jul 2019 09:25:51 -0500
Message-ID: <CAF2Zz1Q-F26d=B41v8B+Qr25z9LuTWd5XEC-fgHAzs_7bhvTuQ@mail.gmail.com>
To: OAUTH-WG <oauth@ietf.org>
Cc: "Donald F. Coffin" <dcoffin@greenbuttonalliance.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/oauth/7UnNt6jGUjmpnDKWz9p_BM10mKU>

Howdy all,

Apologies if this is slightly off topic.

I'm a part of the Green Button Alliance, the non-profit standards body
around sharing energy data, and the customer consent process is based
on OAuth 2.0 (e.g. granting access to your smart meter data in order
to have an energy audit done).

However, most utilities we work with are unfamiliar with OAuth 2.0, so
we often have to explain how it works and what the best practices are.
There are plenty of resources we can point them to for the actual
protocol handshake, but I haven't been able to find any resources
around best practices for designing the user interface and experience
of OAuth. Unfortunately, in the energy industry, UI/UX design isn't
our strong suit, so it would be very helpful if we had design
lessons-learned from other industries to use as a reference.

Does anyone here know of any resources, talks, blog posts, examples,
etc. for making good OAuth 2.0 UI/UX?

Thanks!
Daniel Roesler