Our organization is strongly leaning toward integrating OAuth into our Web application authentication architecture in order to support both standard and mobile Web apps. Are there any downsides to using OAuth, particularly with mobile applications, or any reasons why we should consider other methods or federation protocols?