Help:OAuth/ja

OAuth is a means of giving outside ("connected") applications the ability to perform edits and other actions on your behalf. Using this authentication protocol, you can authorize ("grant") a connected application the ability to act using your account without the need to divulge your password, and without getting access to functionality it is not supposed to use. The OAuth protocol is widely used by other websites, including major sites such as Google and Flickr.

画像編集補助、CropToolがWikimediaのウィキ上でのOAuthの使用法の一例となります.

よくある質問
あなたの質問への回答がここで見つからない場合は、トークページでご遠慮なくお尋ねください. 誰かが回答します.

OAuthはセキュアですか?
はい、OAuth プロトコルはサードパーティの認証をセキュアにするために設計されています.

初めに、パスワードを提供しなくともOAuthはご利用のアカウントにアクセスするためのサードパーティーウェブサイトを提示します. 利用者が許可することで、アプリケーションはアカウントにアクセス可能となり、その権限をとり消すとアプリケーションは直後に利用者の代わりを担うことは不可能になります.

Secondly, each third-party website you authorize is only allowed to take the specific actions you authorized it to. This means that, for example, if you are an administrator and you authorize an application that asks only for "Basic rights", if the application tries to delete a page (which requires admin rights) then that wiki will reject the request. Previously, if an application had your password, you were relying on the assurances of the author of the application that it would not use your advanced rights.

How does this affect me right now?
Applications cannot take any actions on your behalf without authorization, so until you decide you want to use an application which uses OAuth, you're not affected at all.

アカウントにアプリケーションを接続するには?


If an application wishes to use OAuth to take actions on your behalf, you will have to authorize it to do so. Applications cannot take any actions on your behalf without authorization.

When an application asks you to authorize it, you will be presented with a dialog which tells you what rights the application has asked for (see image on the right). If you click "Cancel", the authorization process is declined. If you click "Allow", the application will be authorized to take the actions listed in the dialog. The authorization will remain in effect until you revoke it.

現在利用可能なアプリケーションの一覧は、Special:OAuthListConsumersにてご確認いただけます.

アカウントに接続済みのアプリケーションを確認するには
こちらのSpecial:OAuthManageMyGrants（個人設定の"利用者情報"タブからもアクセス可能）にアカウントへのアクセス用に許可されたアプリケーションすべてがリストアップされています. 当ページから、

アカウントにアクセスしてくるアプリケーションアビリティを外すには
Go to Special:OAuthManageMyGrants, find the application you want to remove access for, and click "revoke access". Then, on the page that opens, click the "Deauthorize" button.

Once an application is deauthorized, it will no longer be able to access your account or take any actions on your behalf. You will have to go through that application's authorization process again in order for it to access your account.

The management interface is global - it will show the same applications, no matter which Wikimedia wiki you are on.

How do I change what actions an application can take with my account?
Go to Special:OAuthManageMyGrants, find the application you want to modify the permissions for, and click "manage access". From here you can revoke any individual permissions, excluding "Basic rights" which are the minimal rights required by all connected applications to function.

Altering or removing permissions from an application's grant may cause the application to stop working properly for you.

Can I see an example of how OAuth works?
Brad Jorsch has put together an example of how OAuth works called "OAuth Hello World!". To try it, go to https://tools.wmflabs.org/oauth-hello-world/.

自分のアプリケーションはどこで登録できますか?
Please see the developer documentation.

関連ページ

 * OAuth/For Developers
 * OAuth/Owner-only consumers