[ekoontz]

"The value proposition of the API proxy increases dramatically if it is able to map between the security protocol of choice in the mobile world, OAuth, and the existing security infrastructure in the enterprise."

The problem is that OAuth is only Authorization - you still need Authentication. It seems to me you'd want to use SASL with mobile devices so that your mobile clients can connect to your enterprise's Kerberos or Active Directory Server. Haven't tried this, but maybe this would be a good start for Android devices: https://github.com/koterpillar/android-sasl

(seen here: http://stackoverflow.com/questions/3327615/is-there-sasl-imp...)