#oauth20 — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #oauth20, aggregated by home.social.
-
Developers still confuse JWT, JWKS, OAuth2 and OpenID Connect: a walkthrough with examples. Part 2
We continue our deep dive into the world of authentication, working through everything with simple examples and hands-on practice in Go. In the first part of the article we covered how JWT is structured, why we need refresh and access tokens, and why distributed systems need asymmetric signing algorithms. Now it is time to move on and get acquainted with what sits on top of JWT: JWKS, OAuth 2.0, OIDC.
https://habr.com/ru/companies/ozontech/articles/987012/
#OIDC #sso #oauth2 #oauth20 #go #jwt #access_token #access_токен
-
OAuth 2.0 Security Best Practices: How to Secure OAuth Tokens & Why Use PKCE – Source: securityboulevard.com https://ciso2ciso.com/oauth-2-0-security-best-practices-how-to-secure-oauth-tokens-why-use-pkce-source-securityboulevard-com/ #rssfeedpostgeneratorecho #Authenticationprotocols #SecurityBloggersNetwork #CyberSecurityNews #SecurityBoulevard #Identity&Access #authentication #oauth20 #PKCE
-
[Translation] Configuring OAuth2/OIDC federation in OpenAM
In this guide we will configure federation between two OpenAM instances over the OAuth2/OIDC protocol. One instance will act as the OAuth2/OIDC server (Identity Provider), the other as the client (Service Provider). This way, you can authenticate to the client OpenAM instance (SP) using the credentials of the OpenAM instance (IdP) over the OAuth2/OIDC protocol.
-
@organicmaps is offering a #bounty to implement #OAuth20 into the app. 💰 Anybody up for it?
#OpenStreetMap #AndroidDev
https://github.com/organicmaps/organicmaps/issues/6144#issuecomment-1921178074
-
@aswath ,
If what I am demonstrating was based solely on #OpenIDConnect + #OAuth20 then we might be close to your characterization, but if you look closer you will see there are other protocol options including #NetIDTLS (labeled as #WebIDTLS), pure #TLS, Digest Authentication etc..
All ultimately providing unambiguous user #identity, post authentication that’s usable for #ABAC based ACL tests —in loosely-coupled fashion.
-
WebAuthn and FIDO2 are intended to make it easier for developers to implement passwordless identity and access management via SaaS.
Hanko Identity wants to say goodbye to the password
-
The OAuth Server module for Drupal 8 requires an update to 8.x-1.1. The new version closes a "moderately critical" vulnerability.
CMS Drupal: OAuth Server module vulnerable to SQL injection attacks