Tag oauth2
We implemented OAuth for the 50 most popular APIs. TL;DR: It is still a mess.
Prefilling OAuth2 scopes for GitHub Personal Access Tokens (1 mins read).
How to make it easier to set up your OAuth2 scopes on a Personal Access Token with GitHub.
Prefilling OAuth2 scopes for GitLab Personal Access Tokens (1 mins read).
How to make it easier to set up your OAuth2 scopes on a Personal Access Token with GitLab.
We are excited to announce that we’ve started preparing for Spring Authorization Server 1.0 with plans to release the GA version in November 2022. It has been just over two years since we initially announced (https://spring.io/blog/2020/04/15/announcing-the-spring-authorization-server) this new project, and we have come a long way since its initial development. The project has a full feature set (https://docs.spring.io/spring-authorization-server/docs/current/reference/html/overview.html#feature-list), and the APIs have stabilized and matured over this time. A lot of effort and care was put into this project to ensure that it can grow and adapt over the next few years.

Spring Authorization Server 1.0 will be based on Spring Security 6.0, which will be based off of Spring Framework 6.0 (https://spring.io/blog/2021/09/02/a-java-17-and-jakarta-ee-9-baseline-for-spring-framework-6) and will require a minimum of Java 17 at runtime, as well as a minimum of Tomcat 10 or Jetty 11 (for Jakarta EE 9 compatibility). This major release will inherit the VMware Tanzu OSS support policy (https://tanzu.vmware.com/support/oss). Commercial support (https://tanzu.vmware.com/spring-runtime), which offers an extended support period, is also available from VMware.
Go OAuth 2.0 Introspection Client Middleware. Contribute to srikrsna/oauth-introspection development by creating an account on GitHub.
I recently got back from a series of events filled with lots of interesting discussions around various OAuth-related topics. At the official IETF meeting in Vienna back in March, I presented the …
Protecting an Architect Framework Application with OAuth2 or OpenID Connect Authentication (4 mins read).
How to set up OAuth2/OpenID Connect authentication with an Architect Framework application.
OpenID Certified™ Relying Party (OpenID Connect/OAuth 2.0 Client) implementation for Node.js. - GitHub - panva/node-openid-client: OpenID Certified™ Relying Party (OpenID Connect/OAuth 2.0 Client) ...
It's been a few days without y'all reading my ✨ Opinions ✨ so here's one about #OAuth2 client credentials, and why you shouldn't use a client secret https://www.jvt.me/posts/2021/11/09/avoid-client-secret/
Why You Should Avoid using Client Secret Authentication for OAuth2 Client Credentials (7 mins read).
Why I recommend against using client secret authentication for OAuth2 and OpenID Connect APIs.
Tumblr's API is now OAuth2: engineering.tumblr.com/post/666127838… A significant security upgrade from what they had used previously (OAuth1.0a), let's see if @twitterdev will catch up to the @tumblr team. Emelia 👸🏻 (@ThisIsMissEm), Wed, 27 Oct 2021 15:47 +0000
Implementing IndieAuth Server Metadata (2 mins read).
Announcing support for OAuth Server Metadata on my IndieAuth Server.
So with the recent discovery that GitHub Actions create an OIDC identity per run, it's possible to configure Vault to allow auth w/ Actions identities and subsequently use that to get access to... anything. Some cleanup required but this is very promising! (c/o @grantorchard) Mitchell Hashimoto (@mitchellh), Mon, 20 Sep 2021 21:02 +0000
Introducing tokens-pls, a Web Application to Test OAuth2 Code Flows (2 mins read).
Announcing my new project, tokens-pls, which allows for easier manual testing with the OAuth2 code flow for Public Clients.
Using Proof of Key Code Exchange (PKCE) Using rack-oauth2 as an OAuth2 Client (1 mins read).
How to use the PKCE extension when using the Ruby library rack-oauth2 as an OAuth2 client.
Implementing the Refresh Token Grant in my IndieAuth Server (4 mins read).
Announcing support for long-lived refresh tokens as part of my IndieAuth server.
Setting up Multiple redirect_uris on the Meetup.com API (2 mins read).
How to allow multiple redirect_uris on your Meetup.com (OAuth2) API consumer.