The current custom-made token-based authorization scheme is quite similar to the same in OAuth. Current custom protocol is based on revocable access tokens that are unique to one instance of client application and one user of it. In near future it is planned to support different access scopes that restricts an availability to perform some requests and actions in the system.
But, if we'll look closely, OAuth protocol supports this functions already, by design. And provides some other neat features in addition.
So, in future (maybe, quite near future) it's likely that OAuth protocol support will be implemented in platform. And in somewhat distant future it's likely that OAuth protocol will replace a current custom one.
The current custom-made token-based authorization scheme is quite similar to the same in OAuth. Current custom protocol is based on revocable access tokens that are unique to one instance of client application and one user of it. In near future it is planned to support different access scopes that restricts an availability to perform some requests and actions in the system.
But, if we'll look closely, OAuth protocol supports this functions already, by design. And provides some other neat features in addition.
So, in future (maybe, quite near future) it's likely that OAuth protocol support will be implemented in platform. And in somewhat distant future it's likely that OAuth protocol will replace a current custom one.