OAuth 1.0 uses oauth_token but OAuth Consumer Request 1.0 does not

Question

I understand that OAuth 1.0 use oauth_token to acquire access to the API. http://tools.ietf.org/html/draft-hammer-oauth-10#page-4

But there is another protocol so-called OAuth Consumer Request 1.0, it does not mention oauth_token. http://oauth.googlecode.com/svn/spec/ext/consumer_request/1.0/drafts/1/spec.html

I read both of them but don't understand the meaning and the relationship of them. What's the differences between them?

Note: I used to work with OAuth 2.0 and clearly understand it.

abraham abraham · Accepted Answer · 2012-03-26T14:20:59

Standard OAuth 1.0 is used to allow a consumer to access the data of multiple users at a provider.

With OAuth Consumer Request 1.0 there are no users, only the consumer and provider are present. The use case is the same as Google Maps where there is a single API key for each site and there isn't any private user data to access.

OAuth 1.0 uses oauth_token but OAuth Consumer Request 1.0 does not

1 Answers