home.social

#oauth2 — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #oauth2, aggregated by home.social.

  1. 75–80% of enterprise deals stall on authentication. SSO, SCIM, MFA — here's when you need what, and which platform to choose at each growth stage.

    Full details here: ostechnix.com/why-startups-nee

    #Authenitcation #Security #Opensource #IAM #OAuth2

  2. 75–80% of enterprise deals stall on authentication. SSO, SCIM, MFA — here's when you need what, and which platform to choose at each growth stage.

    Full details here: ostechnix.com/why-startups-nee

    #Authenitcation #Security #Opensource #IAM #OAuth2

  3. 75–80% of enterprise deals stall on authentication. SSO, SCIM, MFA — here's when you need what, and which platform to choose at each growth stage.

    Full details here: ostechnix.com/why-startups-nee

    #Authenitcation #Security #Opensource #IAM #OAuth2

  4. 75–80% of enterprise deals stall on authentication. SSO, SCIM, MFA — here's when you need what, and which platform to choose at each growth stage.

    Full details here: ostechnix.com/why-startups-nee

    #Authenitcation #Security #Opensource #IAM #OAuth2

  5. 75–80% of enterprise deals stall on authentication. SSO, SCIM, MFA — here's when you need what, and which platform to choose at each growth stage.

    Full details here: ostechnix.com/why-startups-nee

    #Authenitcation #Security #Opensource #IAM #OAuth2

  6. For a project I am working on I am currently researching the three Open ID Connect (OIDC) flows:

    * Authorization Code Flow is clear
    * Implicit Flow is to be avoided due to the potential for leakage of tokens

    ... and then there is the Hybrid Flow. I understand how it works, i.e. the sequence of steps and their parameters, but no matter where I looked, I could not find a single example for an actual **use case** of the Hybrid Flow. Lots of explanations about how it works, but no mention of the "why".

    When would I want to use the Hybrid Flow over the Authorization Code Flow? Or is this an instance of "you'll know it when you'll see it"?

    #oidc #oauth2 #DigitalIdentity

  7. Логин через Telegram по-новому: разбираем OIDC-флоу oauth.telegram.org и собираем его на Python

    Telegram теперь полноценный OpenID-провайдер: oauth.telegram.org, JWKS, JWT, claims. Туториалы на GitHub при этом массово показывают старый виджет с HMAC от bot-token и /setdomain в BotFather. Я разобрался с новым флоу и собрал PoC на Python — рассказываю, как устроен обмен между фронтом, Telegram и бэком, чем Login library через telegram-login.js отличается от manual OIDC code flow с PKCE, что настраивать в BotFather (спойлер: не в чате, а в его mini-app), как протестировать локально через ngrok, и какая проверка id_token нужна вместо ручного HMAC.

    habr.com/ru/articles/1033632/

    #telegram #telegram_login #openid_connect #oidc #oauth2 #jwt #jwks #pyjwt #python #authentication

  8. Логин через Telegram по-новому: разбираем OIDC-флоу oauth.telegram.org и собираем его на Python

    Telegram теперь полноценный OpenID-провайдер: oauth.telegram.org, JWKS, JWT, claims. Туториалы на GitHub при этом массово показывают старый виджет с HMAC от bot-token и /setdomain в BotFather. Я разобрался с новым флоу и собрал PoC на Python — рассказываю, как устроен обмен между фронтом, Telegram и бэком, чем Login library через telegram-login.js отличается от manual OIDC code flow с PKCE, что настраивать в BotFather (спойлер: не в чате, а в его mini-app), как протестировать локально через ngrok, и какая проверка id_token нужна вместо ручного HMAC.

    habr.com/ru/articles/1033632/

    #telegram #telegram_login #openid_connect #oidc #oauth2 #jwt #jwks #pyjwt #python #authentication

  9. Логин через Telegram по-новому: разбираем OIDC-флоу oauth.telegram.org и собираем его на Python

    Telegram теперь полноценный OpenID-провайдер: oauth.telegram.org, JWKS, JWT, claims. Туториалы на GitHub при этом массово показывают старый виджет с HMAC от bot-token и /setdomain в BotFather. Я разобрался с новым флоу и собрал PoC на Python — рассказываю, как устроен обмен между фронтом, Telegram и бэком, чем Login library через telegram-login.js отличается от manual OIDC code flow с PKCE, что настраивать в BotFather (спойлер: не в чате, а в его mini-app), как протестировать локально через ngrok, и какая проверка id_token нужна вместо ручного HMAC.

    habr.com/ru/articles/1033632/

    #telegram #telegram_login #openid_connect #oidc #oauth2 #jwt #jwks #pyjwt #python #authentication

  10. Логин через Telegram по-новому: разбираем OIDC-флоу oauth.telegram.org и собираем его на Python

    Telegram теперь полноценный OpenID-провайдер: oauth.telegram.org, JWKS, JWT, claims. Туториалы на GitHub при этом массово показывают старый виджет с HMAC от bot-token и /setdomain в BotFather. Я разобрался с новым флоу и собрал PoC на Python — рассказываю, как устроен обмен между фронтом, Telegram и бэком, чем Login library через telegram-login.js отличается от manual OIDC code flow с PKCE, что настраивать в BotFather (спойлер: не в чате, а в его mini-app), как протестировать локально через ngrok, и какая проверка id_token нужна вместо ручного HMAC.

    habr.com/ru/articles/1033632/

    #telegram #telegram_login #openid_connect #oidc #oauth2 #jwt #jwks #pyjwt #python #authentication

  11. Per-user OAuth для MCP-серверов: Keycloak, n8n и Telegram-бот через один Auth Proxy

    MCP-серверы не умеют в авторизацию, n8n не умеет в per-user токены, а OAuth-клиенты говорят на разных диалектах. Рассказываем, как один Auth Proxy перед FastMCP Gateway закрыл все три проблемы — и почему в итоге бот переехал на LangGraph Архитектура, грабли и код

    habr.com/ru/articles/1030302/

    #MCP #OAuth2 #Keycloak #FastMCP #LangGraph #n8n #Telegramбот #peruser_авторизация #AIагент #Auth_Proxy

  12. Per-user OAuth для MCP-серверов: Keycloak, n8n и Telegram-бот через один Auth Proxy

    MCP-серверы не умеют в авторизацию, n8n не умеет в per-user токены, а OAuth-клиенты говорят на разных диалектах. Рассказываем, как один Auth Proxy перед FastMCP Gateway закрыл все три проблемы — и почему в итоге бот переехал на LangGraph Архитектура, грабли и код

    habr.com/ru/articles/1030302/

    #MCP #OAuth2 #Keycloak #FastMCP #LangGraph #n8n #Telegramбот #peruser_авторизация #AIагент #Auth_Proxy

  13. Per-user OAuth для MCP-серверов: Keycloak, n8n и Telegram-бот через один Auth Proxy

    MCP-серверы не умеют в авторизацию, n8n не умеет в per-user токены, а OAuth-клиенты говорят на разных диалектах. Рассказываем, как один Auth Proxy перед FastMCP Gateway закрыл все три проблемы — и почему в итоге бот переехал на LangGraph Архитектура, грабли и код

    habr.com/ru/articles/1030302/

    #MCP #OAuth2 #Keycloak #FastMCP #LangGraph #n8n #Telegramбот #peruser_авторизация #AIагент #Auth_Proxy

  14. Per-user OAuth для MCP-серверов: Keycloak, n8n и Telegram-бот через один Auth Proxy

    MCP-серверы не умеют в авторизацию, n8n не умеет в per-user токены, а OAuth-клиенты говорят на разных диалектах. Рассказываем, как один Auth Proxy перед FastMCP Gateway закрыл все три проблемы — и почему в итоге бот переехал на LangGraph Архитектура, грабли и код

    habr.com/ru/articles/1030302/

    #MCP #OAuth2 #Keycloak #FastMCP #LangGraph #n8n #Telegramбот #peruser_авторизация #AIагент #Auth_Proxy

  15. @tatsh Woo! mutt-oauth2 just made my day!

    Previously a gent from MIT IS&T put in HEROIC amounts of effort to pull together the prior jank-fest of oauth2 scripts and mutt configurations...

    But with your nice new package I can 'uv tool install', add the bits you specified to my muttrc and BOOM! I'm reading my MIT E-mail in a sane interface that doesn't make my remaining damaged eye want to shrivel up and retire :)

    Thank you!

    (Also just sent a Buy Me a Coffee :)

    #mutt #oauth2 #office365

  16. @tatsh Woo! mutt-oauth2 just made my day!

    Previously a gent from MIT IS&T put in HEROIC amounts of effort to pull together the prior jank-fest of oauth2 scripts and mutt configurations...

    But with your nice new package I can 'uv tool install', add the bits you specified to my muttrc and BOOM! I'm reading my MIT E-mail in a sane interface that doesn't make my remaining damaged eye want to shrivel up and retire :)

    Thank you!

    (Also just sent a Buy Me a Coffee :)

    #mutt #oauth2 #office365

  17. @tatsh Woo! mutt-oauth2 just made my day!

    Previously a gent from MIT IS&T put in HEROIC amounts of effort to pull together the prior jank-fest of oauth2 scripts and mutt configurations...

    But with your nice new package I can 'uv tool install', add the bits you specified to my muttrc and BOOM! I'm reading my MIT E-mail in a sane interface that doesn't make my remaining damaged eye want to shrivel up and retire :)

    Thank you!

    (Also just sent a Buy Me a Coffee :)

    #mutt #oauth2 #office365

  18. @tatsh Woo! mutt-oauth2 just made my day!

    Previously a gent from MIT IS&T put in HEROIC amounts of effort to pull together the prior jank-fest of oauth2 scripts and mutt configurations...

    But with your nice new package I can 'uv tool install', add the bits you specified to my muttrc and BOOM! I'm reading my MIT E-mail in a sane interface that doesn't make my remaining damaged eye want to shrivel up and retire :)

    Thank you!

    (Also just sent a Buy Me a Coffee :)

    #mutt #oauth2 #office365

  19. @tatsh Woo! mutt-oauth2 just made my day!

    Previously a gent from MIT IS&T put in HEROIC amounts of effort to pull together the prior jank-fest of oauth2 scripts and mutt configurations...

    But with your nice new package I can 'uv tool install', add the bits you specified to my muttrc and BOOM! I'm reading my MIT E-mail in a sane interface that doesn't make my remaining damaged eye want to shrivel up and retire :)

    Thank you!

    (Also just sent a Buy Me a Coffee :)

    #mutt #oauth2 #office365

  20. #DPoP closes a real gap in #OAuth2, but there’s a catch….

    Sender-constrained tokens are a meaningful upgrade over bearer tokens, but they don't fully solve the challenge of browser key storage.

    Check out the #InfoQ article by Dhruv Agnihotri for a deep dive: bit.ly/4w62YGA

    #WebDevelopment #Security #Cryptography #CyberSecurity

  21. #DPoP closes a real gap in #OAuth2, but there’s a catch….

    Sender-constrained tokens are a meaningful upgrade over bearer tokens, but they don't fully solve the challenge of browser key storage.

    Check out the #InfoQ article by Dhruv Agnihotri for a deep dive: bit.ly/4w62YGA

    #WebDevelopment #Security #Cryptography #CyberSecurity

  22. #DPoP closes a real gap in #OAuth2, but there’s a catch….

    Sender-constrained tokens are a meaningful upgrade over bearer tokens, but they don't fully solve the challenge of browser key storage.

    Check out the #InfoQ article by Dhruv Agnihotri for a deep dive: bit.ly/4w62YGA

    #WebDevelopment #Security #Cryptography #CyberSecurity

  23. #DPoP closes a real gap in #OAuth2, but there’s a catch….

    Sender-constrained tokens are a meaningful upgrade over bearer tokens, but they don't fully solve the challenge of browser key storage.

    Check out the #InfoQ article by Dhruv Agnihotri for a deep dive: bit.ly/4w62YGA

    #WebDevelopment #Security #Cryptography #CyberSecurity

  24. closes a real gap in , but there’s a catch….

    Sender-constrained tokens are a meaningful upgrade over bearer tokens, but they don't fully solve the challenge of browser key storage.

    Check out the article by Dhruv Agnihotri for a deep dive: bit.ly/4w62YGA

  25. Is there any way to setup OAuth2 authentication on self-hosted ejabberd (where ejabberd acts as a client and delegates authentication to an external identity provider)? Prosody seems to have modules for that, but I feel like migrating might be a pain... #XMPP #OAuth2 #ejabberd #Prosody

  26. Is there any way to setup OAuth2 authentication on self-hosted ejabberd (where ejabberd acts as a client and delegates authentication to an external identity provider)? Prosody seems to have modules for that, but I feel like migrating might be a pain... #XMPP #OAuth2 #ejabberd #Prosody

  27. Is there any way to setup OAuth2 authentication on self-hosted ejabberd (where ejabberd acts as a client and delegates authentication to an external identity provider)? Prosody seems to have modules for that, but I feel like migrating might be a pain... #XMPP #OAuth2 #ejabberd #Prosody

  28. Is there any way to setup OAuth2 authentication on self-hosted ejabberd (where ejabberd acts as a client and delegates authentication to an external identity provider)?

    Prosody seems to have modules for that, but I feel like migrating might be a pain...

    #XMPP #OAuth2 #ejabberd #Prosody

  29. Is there any way to setup OAuth2 authentication on self-hosted ejabberd (where ejabberd acts as a client and delegates authentication to an external identity provider)?

    Prosody seems to have modules for that, but I feel like migrating might be a pain...

    #XMPP #OAuth2 #ejabberd #Prosody

  30. Is there any way to setup OAuth2 authentication on self-hosted ejabberd (where ejabberd acts as a client and delegates authentication to an external identity provider)?

    Prosody seems to have modules for that, but I feel like migrating might be a pain...

    #XMPP #OAuth2 #ejabberd #Prosody

  31. Is there any way to setup OAuth2 authentication on self-hosted ejabberd (where ejabberd acts as a client and delegates authentication to an external identity provider)?

    Prosody seems to have modules for that, but I feel like migrating might be a pain...

    #XMPP #OAuth2 #ejabberd #Prosody

  32. Is there any way to setup OAuth2 authentication on self-hosted ejabberd (where ejabberd acts as a client and delegates authentication to an external identity provider)?

    Prosody seems to have modules for that, but I feel like migrating might be a pain...

    #XMPP #OAuth2 #ejabberd #Prosody

  33. That's my self-hosted mail now being OAuth2 authenticated, and a custom android thunderbird apk built to work with the local keycloak install.

    Desktop thunderbird updated with github.com/raa-org/thunderbird to enable OAuth2 on that as well.

    Maybe I'll updated my android build to fix the long standing bugbear I've had with it - set Check on the subscribed folders automatically, rather than have me go through each folder to set it to Check.

    #Thunderbird #OAuth2 #SelfHosting #Android #Linux #Keycloak

  34. That's my self-hosted mail now being OAuth2 authenticated, and a custom android thunderbird apk built to work with the local keycloak install.

    Desktop thunderbird updated with github.com/raa-org/thunderbird to enable OAuth2 on that as well.

    Maybe I'll updated my android build to fix the long standing bugbear I've had with it - set Check on the subscribed folders automatically, rather than have me go through each folder to set it to Check.

    #Thunderbird #OAuth2 #SelfHosting #Android #Linux #Keycloak

  35. That's my self-hosted mail now being OAuth2 authenticated, and a custom android thunderbird apk built to work with the local keycloak install.

    Desktop thunderbird updated with github.com/raa-org/thunderbird to enable OAuth2 on that as well.

    Maybe I'll updated my android build to fix the long standing bugbear I've had with it - set Check on the subscribed folders automatically, rather than have me go through each folder to set it to Check.

    #Thunderbird #OAuth2 #SelfHosting #Android #Linux #Keycloak

  36. 🎉🎉Introducing IPv8: the #protocol no one asked for, complete with #OAuth2 JWT jargon and #DHCP8 magic! Because what the internet needed was another layer of #complexity and buzzwords to solve problems no one knew existed. 🙄🔧✨
    ietf.org/archive/id/draft-thai #IPv8 #InternetBuzzwords #HackerNews #ngated

  37. 🎉🎉Introducing IPv8: the #protocol no one asked for, complete with #OAuth2 JWT jargon and #DHCP8 magic! Because what the internet needed was another layer of #complexity and buzzwords to solve problems no one knew existed. 🙄🔧✨
    ietf.org/archive/id/draft-thai #IPv8 #InternetBuzzwords #HackerNews #ngated

  38. 🎉🎉Introducing IPv8: the #protocol no one asked for, complete with #OAuth2 JWT jargon and #DHCP8 magic! Because what the internet needed was another layer of #complexity and buzzwords to solve problems no one knew existed. 🙄🔧✨
    ietf.org/archive/id/draft-thai #IPv8 #InternetBuzzwords #HackerNews #ngated

  39. 🎉🎉Introducing IPv8: the #protocol no one asked for, complete with #OAuth2 JWT jargon and #DHCP8 magic! Because what the internet needed was another layer of #complexity and buzzwords to solve problems no one knew existed. 🙄🔧✨
    ietf.org/archive/id/draft-thai #IPv8 #InternetBuzzwords #HackerNews #ngated

  40. 🎉🎉Introducing IPv8: the #protocol no one asked for, complete with #OAuth2 JWT jargon and #DHCP8 magic! Because what the internet needed was another layer of #complexity and buzzwords to solve problems no one knew existed. 🙄🔧✨
    ietf.org/archive/id/draft-thai #IPv8 #InternetBuzzwords #HackerNews #ngated

  41. «Über 100 Erweiterungen — Schädliche Chrome-Extensions greifen Nutzerdaten ab:
    Im Chrome Web Store verbreiten Cyberkriminelle über 100 schädliche Erweiterungen, die Nutzerkonten und Daten stehlen. Die Tools sind Teil einer koordinierten Kampagne mit gemeinsamer Infrastruktur.»

    Ein Argument mehr um Chrome zu vermeiden und egal auf welchem Browser nicht blind jegliche Plugins nutzen. Seit Jahr(zent)en ein Thema.

    😈 netzwoche.ch/news/2026-04-15/s

    #chrome #oauth2 #extension #browser #web #nutzerdaten #it

  42. Version 4.11.0 of contains contributions from related to authentication. Recently, they published a blog about how this enables their customers to send logs to their data lake using syslog-ng and the protocol.
    syslog-ng.com/community/b/blog

  43. Version 4.11.0 of #syslog_ng contains contributions from #Databricks related to #OAuth2 authentication. Recently, they published a blog about how this enables their customers to send logs to their data lake using syslog-ng and the #OpenTelemetry protocol.
    syslog-ng.com/community/b/blog

  44. Version 4.11.0 of #syslog_ng contains contributions from #Databricks related to #OAuth2 authentication. Recently, they published a blog about how this enables their customers to send logs to their data lake using syslog-ng and the #OpenTelemetry protocol.
    syslog-ng.com/community/b/blog

  45. Version 4.11.0 of #syslog_ng contains contributions from #Databricks related to #OAuth2 authentication. Recently, they published a blog about how this enables their customers to send logs to their data lake using syslog-ng and the #OpenTelemetry protocol.
    syslog-ng.com/community/b/blog