Help:OAuth/fr

OAuth est un moyen de donner à des applications externes (connectées) la possibilité d’effectuer des contributions ou d’autres actions en votre nom. En utilisant ce protocole d’authentification, vous pouvez donner une autorisation (grant) à une application connectée la possibilité d’agir en votre nom sans avoir besoin de divulguer votre mot de passe. Le protocole OAuth est largement utilisé par d’autres sites web, en particulier les grands sites comme Google et Flickr.

Question fréquemment posées
Si votre question ne trouve pas de réponse ici, n’hésitez pas à demander sur la page de discussion et quelqu’un y répondra.

Est-ce que OAuth est sécurisé ?
Oui, le protocole OAuth est conçu pour être une méthode sécurisée pour les autorisations de tierces parties.

Firstly, OAuth allows third-party websites to access your account without you having to give them your password. Applications are able to access your account if and only if you authorise them to do so, and if you revoke that right then application will immediately be unable to take actions on your behalf.

Secondly, each third-party website you authorise is only allowed to take the specific actions you authorised it to. This means that, for example, if you are an administrator and you authorise an application that asks only for "Basic rights", if the application tries to delete a page (which requires admin rights) then that wiki will reject the request. Previously, if an application had your password, you were relying on the assurances of the author of the application that it would not use your advanced rights.

Comment cela peut m’affecter maintenant ?
Applications cannot take any actions on your behalf without authorisation, so until you decide you want to use an application which uses OAuth, you're not affected at all.

Comment puis-je connecter une application à mon compte ?


If an application wishes to use OAuth to take actions on your behalf, you will have to authorise it to do so. Applications cannot take any actions on your behalf without authorisation.

When an application asks you to authorise it, you will be presented with a dialogue which tells you the what rights the application has asked for (see image on the right). If you click "Cancel", the authorisation process is declined. If you click "Allow", the application will be authorised to take the actions listed in the dialogue. A list of currently approved applications is available at Special:OAuthListConsumers.

Comment puis-je voir quelles applications sont connectées à mon compte ?
The page Special:OAuthManageMyGrants (which is also accessible from the "User profile" tab in your preferences) lists all the applications you have authorised to access your account. From this page, you can also adjust and revoke grants.

Comment puis-je retirer la possibilité à une application d’accéder à mon compte ?
Go to Special:OAuthManageMyGrants, find the application you want to remove access for, and click "revoke access". Then, on the page that opens, click the "Deauthorise" button. Once an application is deauthorised, it will no longer be able to access your account or take any actions on your behalf. You will have to go through that application's authorisation process again in order for it to access your account.

Comment puis-je changer les actions qu’une application peut effectuer avec mon compte ?
Go to Special:OAuthManageMyGrants, find the application you want to modify the permissions for, and click "manage access". From here you can revoke any individual permissions, excluding "Basic rights" which are the minimal rights required by all connected applications to function.

Please note that altering or removing permissions from an application's grant may cause the application to stop working properly for you.

Puis-je voir un exemple du fonctionnement de OAuth ?
Brad Jorsch has put together an example of how OAuth works called "OAuth Hello World!". To try it, go to https://tools.wmflabs.org/oauth-hello-world/.

Voir aussi

 * OAuth Hello World, application écrite en PHP
 * Bibliothèque flask-mwoauth