#openid — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #openid, aggregated by home.social.
-
One Open-source Project Daily
Simple, unobtrusive authentication for Node.js.
https://github.com/jaredhanson/passport
#1ospd #opensource #express #nodejs #oauth #oauth2 #openid #openidconnect #passport #saml -
One Open-source Project Daily
Simple, unobtrusive authentication for Node.js.
https://github.com/jaredhanson/passport
#1ospd #opensource #express #nodejs #oauth #oauth2 #openid #openidconnect #passport #saml -
One Open-source Project Daily
Simple, unobtrusive authentication for Node.js.
https://github.com/jaredhanson/passport
#1ospd #opensource #express #nodejs #oauth #oauth2 #openid #openidconnect #passport #saml -
One Open-source Project Daily
Simple, unobtrusive authentication for Node.js.
https://github.com/jaredhanson/passport
#1ospd #opensource #express #nodejs #oauth #oauth2 #openid #openidconnect #passport #saml -
One Open-source Project Daily
Simple, unobtrusive authentication for Node.js.
https://github.com/jaredhanson/passport
#1ospd #opensource #express #nodejs #oauth #oauth2 #openid #openidconnect #passport #saml -
The biggest US-based PHP conference of the year is coming up in less than a month, and you don’t want to miss it!
Join me at PHP Tek! I’ll be giving talks on OpenAPI and OAuth / OpenID.
-
The biggest US-based PHP conference of the year is coming up in less than a month, and you don’t want to miss it!
Join me at PHP Tek! I’ll be giving talks on OpenAPI and OAuth / OpenID.
-
The biggest US-based PHP conference of the year is coming up in less than a month, and you don’t want to miss it!
Join me at PHP Tek! I’ll be giving talks on OpenAPI and OAuth / OpenID.
-
The biggest US-based PHP conference of the year is coming up in less than a month, and you don’t want to miss it!
Join me at PHP Tek! I’ll be giving talks on OpenAPI and OAuth / OpenID.
-
The biggest US-based PHP conference of the year is coming up in less than a month, and you don’t want to miss it!
Join me at PHP Tek! I’ll be giving talks on OpenAPI and OAuth / OpenID.
-
Aaand configured clean OpenID / OIDC login with my Keycloak IdP 🙂 With PassKey based login via a Nitrokey USB token. Nice!
-
Dear LazyFedi, I'm looking for a #SaaS solution that acts as a kind of #SSO multiplexer.
I have 4 Microsoft tenancies, and I can map users to tenancies by email address. What I want is something that acts as a single frontend to all of them for #SAML / #OpenID logins.
I need this to set up SSO for some of our other SaaS products which only support one provider.
(NB: this needs to be SaaS, UK/EU based. I'm not able to self host anything in this context)
-
Dear LazyFedi, I'm looking for a #SaaS solution that acts as a kind of #SSO multiplexer.
I have 4 Microsoft tenancies, and I can map users to tenancies by email address. What I want is something that acts as a single frontend to all of them for #SAML / #OpenID logins.
I need this to set up SSO for some of our other SaaS products which only support one provider.
(NB: this needs to be SaaS, UK/EU based. I'm not able to self host anything in this context)
-
Dear LazyFedi, I'm looking for a #SaaS solution that acts as a kind of #SSO multiplexer.
I have 4 Microsoft tenancies, and I can map users to tenancies by email address. What I want is something that acts as a single frontend to all of them for #SAML / #OpenID logins.
I need this to set up SSO for some of our other SaaS products which only support one provider.
(NB: this needs to be SaaS, UK/EU based. I'm not able to self host anything in this context)
-
Dear LazyFedi, I'm looking for a #SaaS solution that acts as a kind of #SSO multiplexer.
I have 4 Microsoft tenancies, and I can map users to tenancies by email address. What I want is something that acts as a single frontend to all of them for #SAML / #OpenID logins.
I need this to set up SSO for some of our other SaaS products which only support one provider.
(NB: this needs to be SaaS, UK/EU based. I'm not able to self host anything in this context)
-
Dear LazyFedi, I'm looking for a #SaaS solution that acts as a kind of #SSO multiplexer.
I have 4 Microsoft tenancies, and I can map users to tenancies by email address. What I want is something that acts as a single frontend to all of them for #SAML / #OpenID logins.
I need this to set up SSO for some of our other SaaS products which only support one provider.
(NB: this needs to be SaaS, UK/EU based. I'm not able to self host anything in this context)
-
Last day of a long week at the #TIIME conference at #Nikhef in #Amsterdam. Today is all about #OpenID federations.
-
@developer
Mooie blog! De combinatie van OpenID.NLGov en SAML staat onder de noemer Authenticatie-standaarden op de 'pas toe of leg uit'-lijst met verplichte open standaarden: https://www.forumstandaardisatie.nl/open-standaarden/authenticatie-standaardenHet toepassingsgebied (dat de reikwijdte van de verplichting bepaalt) is zo gedefinieerd dat een identity provider (zoals DigiD en eHerkenning) voor ieder van beide standaarden een koppelvlak aanbiedt en dat dienstaanbieders de keuze hebben via welke ze aansluiten.
-
@developer
Mooie blog! De combinatie van OpenID.NLGov en SAML staat onder de noemer Authenticatie-standaarden op de 'pas toe of leg uit'-lijst met verplichte open standaarden: https://www.forumstandaardisatie.nl/open-standaarden/authenticatie-standaardenHet toepassingsgebied (dat de reikwijdte van de verplichting bepaalt) is zo gedefinieerd dat een identity provider (zoals DigiD en eHerkenning) voor ieder van beide standaarden een koppelvlak aanbiedt en dat dienstaanbieders de keuze hebben via welke ze aansluiten.
-
@developer
Mooie blog! De combinatie van OpenID.NLGov en SAML staat onder de noemer Authenticatie-standaarden op de 'pas toe of leg uit'-lijst met verplichte open standaarden: https://www.forumstandaardisatie.nl/open-standaarden/authenticatie-standaardenHet toepassingsgebied (dat de reikwijdte van de verplichting bepaalt) is zo gedefinieerd dat een identity provider (zoals DigiD en eHerkenning) voor ieder van beide standaarden een koppelvlak aanbiedt en dat dienstaanbieders de keuze hebben via welke ze aansluiten.
-
@developer
Mooie blog! De combinatie van OpenID.NLGov en SAML staat onder de noemer Authenticatie-standaarden op de 'pas toe of leg uit'-lijst met verplichte open standaarden: https://www.forumstandaardisatie.nl/open-standaarden/authenticatie-standaardenHet toepassingsgebied (dat de reikwijdte van de verplichting bepaalt) is zo gedefinieerd dat een identity provider (zoals DigiD en eHerkenning) voor ieder van beide standaarden een koppelvlak aanbiedt en dat dienstaanbieders de keuze hebben via welke ze aansluiten.
-
@developer
Mooie blog! De combinatie van OpenID.NLGov en SAML staat onder de noemer Authenticatie-standaarden op de 'pas toe of leg uit'-lijst met verplichte open standaarden: https://www.forumstandaardisatie.nl/open-standaarden/authenticatie-standaardenHet toepassingsgebied (dat de reikwijdte van de verplichting bepaalt) is zo gedefinieerd dat een identity provider (zoals DigiD en eHerkenning) voor ieder van beide standaarden een koppelvlak aanbiedt en dat dienstaanbieders de keuze hebben via welke ze aansluiten.
-
I've made SurillyaID available to the public! You can now use SurillyaID as an alternative / primary (whatever you want) login system using OIDC or OAuth 2!
Developer Portal: https://developer.surillya.com
Peertube Tutorial: https://video.surillya.com/w/fsbWVJU7E1SgawAj9XG2f2
YouTube tutorial: https://youtu.be/YQVn3aCgqLQ
#developer #php #oidc #openid #surillyaid #login #authorization #developers #webdev #html #website
-
🎉 New Django OAuth2 AuthCodeFlow release version 1.4.1 🎊
Authenticate with any OpenId Connect/Oauth2 provider through authorization code flow.
PKCE is also supportedhttps://pypi.org/project/django-oauth2-authcodeflow/
📦 https://gitlab.com/snake_coders/django-oauth2-authcodeflow/-/releases/v1.4.1
Feel free to give feedback 💬, open issues 📝 or merge requests 🎁.
📢 Boost appreciated.https://gitlab.com/snake_coders/django-oauth2-authcodeflow
#djangooauth2authcodeflow #oauth2 #oauth2client #openid #openidconnect #oidc #oidcclient #django -
🎉 New Django OAuth2 AuthCodeFlow release version 1.4.1 🎊
Authenticate with any OpenId Connect/Oauth2 provider through authorization code flow.
PKCE is also supportedhttps://pypi.org/project/django-oauth2-authcodeflow/
📦 https://gitlab.com/snake_coders/django-oauth2-authcodeflow/-/releases/v1.4.1
Feel free to give feedback 💬, open issues 📝 or merge requests 🎁.
📢 Boost appreciated.https://gitlab.com/snake_coders/django-oauth2-authcodeflow
#djangooauth2authcodeflow #oauth2 #oauth2client #openid #openidconnect #oidc #oidcclient #django -
🎉 New Django OAuth2 AuthCodeFlow release version 1.4.0 🎊
Authenticate with any OpenId Connect/Oauth2 provider through authorization code flow.
PKCE is also supportedhttps://pypi.org/project/django-oauth2-authcodeflow/
📦 https://gitlab.com/snake_coders/django-oauth2-authcodeflow/-/releases/v1.4.0
Feel free to give feedback 💬, open issues 📝 or merge requests 🎁.
📢 Boost appreciated.https://gitlab.com/snake_coders/django-oauth2-authcodeflow
#djangooauth2authcodeflow #oauth2 #oauth2client #openid #openidconnect #oidc #oidcclient #django -
🎉 New Django OAuth2 AuthCodeFlow release version 1.4.0 🎊
Authenticate with any OpenId Connect/Oauth2 provider through authorization code flow.
PKCE is also supportedhttps://pypi.org/project/django-oauth2-authcodeflow/
📦 https://gitlab.com/snake_coders/django-oauth2-authcodeflow/-/releases/v1.4.0
Feel free to give feedback 💬, open issues 📝 or merge requests 🎁.
📢 Boost appreciated.https://gitlab.com/snake_coders/django-oauth2-authcodeflow
#djangooauth2authcodeflow #oauth2 #oauth2client #openid #openidconnect #oidc #oidcclient #django -
A new way to think about zero trust for workloads https://www.helpnetsecurity.com/2025/11/03/research-zero-trust-workload-authentication/ #cybersecurity #ZeroNetworks #SentinelOne #enterprise #Don'tmiss #framework #zerotrust #Features #Hotstuff #research #strategy #OpenID #News #CISO
-
A new way to think about zero trust for workloads https://www.helpnetsecurity.com/2025/11/03/research-zero-trust-workload-authentication/ #cybersecurity #ZeroNetworks #SentinelOne #enterprise #Don'tmiss #framework #zerotrust #Features #Hotstuff #research #strategy #OpenID #News #CISO
-
A new way to think about zero trust for workloads https://www.helpnetsecurity.com/2025/11/03/research-zero-trust-workload-authentication/ #cybersecurity #ZeroNetworks #SentinelOne #enterprise #Don'tmiss #framework #zerotrust #Features #Hotstuff #research #strategy #OpenID #News #CISO
-
A new way to think about zero trust for workloads https://www.helpnetsecurity.com/2025/11/03/research-zero-trust-workload-authentication/ #cybersecurity #ZeroNetworks #SentinelOne #enterprise #Don'tmiss #framework #zerotrust #Features #Hotstuff #research #strategy #OpenID #News #CISO
-
Don't miss MSMVP and Pluralsight author Roland Guijt at TechBash 2025. He'll be presenting a pair of security-related topics you shouldn't miss.
Register by Oct 3rd with code LASTCALL100 to save an extra $100: https://techbash.com/
#blazor #auth #openid #oauth #webdev #dotnet #devconference #kalahari #poconos
-
Transition your #ArcGIS accounts to organization-specific (#SAML or #OpenID Connect) accounts https://tinyurl.com/mr25xhkf
#security #ArcGISAdmin #ArcGISOnline #GIS #esri #WebGIS #GISchat #geospatial #mapstodon @esri @esrifederalgovt @esrislgov @arcgisonline @esritraining
-
### #Cloudflare open sources #OPKSSH to bring Single Sign-On #SSO to #SSH
This week, it was officially open-sourced under the umbrella of the #OpenPubkey project, itself became a #Linux Foundation open-source initiative in 2023, OPKSSH remained closed-source until now. Making it easy to #authenticate to #servers over SSH using #OpenID Connect (#OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access.
-
Mixing up public and private keys in #OpenID #Connect #deployments (written by Hanno Böck) https://blog.hboeck.de/archives/909-Mixing-up-Public-and-Private-Keys-in-OpenID-Connect-deployments.html
-
#LemonLDAPNG 2.16.4 (#LTS) has been released (#LemonLDAP / #LDAP / #LightweightDirectoryAccessProtocol / #WebSSO / #SingleSignOn / #SSO / #OpenIDConnect / #CAS / #OAuth / #OpenID / #REST / #SAML / #SOAP) https://lemonldap-ng.org/
-
#LemonLDAPNG 2.20.1 has been released (#LemonLDAP / #LDAP / #LightweightDirectoryAccessProtocol / #WebSSO / #SingleSignOn / #SSO / #OpenIDConnect / #CAS / #OAuth / #OpenID / #REST / #SAML / #SOAP) https://lemonldap-ng.org/
-
⚠️ .io domain¹ likely being phased-out² — seven suggested steps
Good article in The Verge summarizing recent .io related events, see that for more context if this is news to you:
* https://www.theverge.com/2024/10/8/24265441/uk-treaty-end-io-domain-chagos-islands
It looks likely .io (and .io domains) will go away in the next few years (as .cs and .yu did³), so here are my suggested steps to take depending on your usage of .io domains:
1. Avoid buying new .io domains (or making plans with existing ones; sell if you can)
2. If you currently run a .io service⁴ (for a company or community), make and publicize a transition plan (like a new domain, redirection, orderly shutdown plan for redirects)
3. If you have a personal site on a .io domain⁵ or subdomain, make your own transition plan, and perhaps post about how others should link to your posts
4. If you are using someone else’s .io domain to publish (like #GitHubPages⁶), make a transition plan to publish elsewhere and leave a forwarding note and link behind
5. If you use a .io domain as your Web sign-in login on any sites, switch them to another non-io personal domain
6. Similarly if your site accepts #WebSignIn logins (via #IndieAuth, #RelMeAuth, or even #OpenID), consider discouraging any new sign-ups from .io domains, and warning any existing users with .io domains to switch per # 5
7. If you have posts (or a whole #indieweb site) with links to .io sites or pages (like those in 2-4 above), make a plan for editing those links to point to an alternative or an archival copy (like on the Internet Archive)
And of course, post about your #dotIO plans.
Glossary
Domain
https://indieweb.org/domain
IndieAuth
https://indieweb.org/IndieAuth
Internet Archive
https://web.archive.org/
OpenID
https://indieweb.org/OpenID
Redirect
https://indieweb.org/redirect
RelMeAuth
https://indieweb.org/RelMeAuth
Web sign-in
https://indieweb.org/Web_sign-in
References:
¹ https://indieweb.org/.io
² https://en.wikipedia.org/wiki/.io#Phasing_Out
³ https://en.wikipedia.org/wiki/.cs
⁴ E.g. https://indieweb.org/webmention.io or https://indieweb.org/granary.io
⁵ E.g. https://indieweb.org/werd.io
⁶ https://indieweb.org/github.io
This is post 25 of #100PostsOfIndieWeb. #100Posts
← https://tantek.com/2024/283/t1/metaphors-constructive-cooperative-joyful
→ https://tantek.com/2024/287/t1/fediverse-unfollow-bridgyfed-bug -
#LemonLDAPNG 2.19.2 has been released (#LemonLDAP / #LDAP / #LightweightDirectoryAccessProtocol / #WebSSO / #SingleSignOn / #SSO / #OpenIDConnect / #CAS / #OAuth / #OpenID / #REST / #SAML / #SOAP) https://lemonldap-ng.org/
-
#LemonLDAPNG 2.19.1 has been released (#LemonLDAP / #LDAP / #LightweightDirectoryAccessProtocol / #WebSSO / #SingleSignOn / #SSO / #OpenIDConnect / #CAS / #OAuth / #OpenID / #REST / #SAML / #SOAP) https://lemonldap-ng.org/
-
Атака на SSH и взлом туннелей VPN
SSH стал практически стандартом де-факто для подключения к серверу или удалённому десктопу. Поэтому уязвимости вызывают определённое беспокойство. Тем более в нынешних условиях, когда весь трафик в интернете записывается и сохраняется в хранилищах провайдеров и хостеров. То есть в будущем его могут расшифровать, будь найдена уязвимость, подрывающая базовую криптографию. Опасную уязвимость нашли исследователи из Рурского университета в Бохуме. Атака получила название Terrapin (CVE-2023-48795). Правда, её вряд ли можно использовать именно на сохранённом трафике, потому что схема MiTM предусматривает подбор значений во время рукопожатия сервера и клиента. У злоумышленника должен быть доступ к каналу и возможность подменять пакеты.
https://habr.com/ru/companies/globalsign/articles/788980/
#SSH #TunnelCrack #SSH3 #SSH2 #HTTP/3 #QUIC #VPN #LocalNet #ServerIP #TLS_13 #HTTP_Authorization #авторизация #OAuth_20 #OpenID #сканирование_портов #OpenSSH #MiTM #Terrapin
-
Атака на SSH и взлом туннелей VPN
SSH стал практически стандартом де-факто для подключения к серверу или удалённому десктопу. Поэтому уязвимости вызывают определённое беспокойство. Тем более в нынешних условиях, когда весь трафик в интернете записывается и сохраняется в хранилищах провайдеров и хостеров. То есть в будущем его могут расшифровать, будь найдена уязвимость, подрывающая базовую криптографию. Опасную уязвимость нашли исследователи из Рурского университета в Бохуме. Атака получила название Terrapin (CVE-2023-48795). Правда, её вряд ли можно использовать именно на сохранённом трафике, потому что схема MiTM предусматривает подбор значений во время рукопожатия сервера и клиента. У злоумышленника должен быть доступ к каналу и возможность подменять пакеты.
https://habr.com/ru/companies/globalsign/articles/788980/
#SSH #TunnelCrack #SSH3 #SSH2 #HTTP/3 #QUIC #VPN #LocalNet #ServerIP #TLS_13 #HTTP_Authorization #авторизация #OAuth_20 #OpenID #сканирование_портов #OpenSSH #MiTM #Terrapin
-
🌟 This is the official Mastodon account for LemonLDAP::NG, a Web Single Sign On free software compatible with many open standards like CAS, SAML and OpenID Connect.
ℹ️ We will publish here information about releases and new features. Please follow us!
🌐 See also our official website: https://www.lemonldap-ng.org
#introduction #lemonldap #lemonldapng #SSO #WebSSO #CAS #SAML #OpenID #OpenIDConnect #OIDC #OpenSource #FreeSoftware #LogicielLibre #Perl
-
OpenWeb-Notizen: XAuth, OExchange, Firefox Sync, RDFa
Chris Messina erklärt XAuth
Inhalt von Vimeo anzeigen
XAuth ist eine Art Cross-Domain Cookie mit dem man Versucht die Flut an Share, Like und Login Icons auf ein Minimum zu reduzieren.Hier klicken, um den Inhalt von Vimeo anzuzeigen.
Erfahre mehr in der Datenschutzerklärung von Vimeo.Inhalt von Vimeo immer anzeigen
„XAuth – an introduction“ direkt öffnen» XAuth – an introduction
» Offizielle XAuth SeiteOExchange einfach erklärt
Inhalt von YouTube anzeigen
OExchange ist ein offenes Protokoll um eine beliebige URL mit einem beliebigen Service im Web zu teilen. Die Demo zeigt die Funktionsweise von OExchange und welche Vorteile sich in Kombination mit z.B. XAuth ergeben.Hier klicken, um den Inhalt von YouTube anzuzeigen.
Erfahre mehr in der Datenschutzerklärung von YouTube.Inhalt von YouTube immer anzeigen
„OExchange Overview Video“ direkt öffnen» OExchange in action
» Offizielle OExchange SeiteFirefox Sync
Mozilla benennt das Labs-Projekt Weave Sync in Firefox Sync um und kündigt an, den Sync-Mechanismus in eine der nächsten Firefox Versionen fest zu integrieren. Im Zuge meiner Recherche bin ich außerdem noch auf einen Wiki-Artikel gestoßen, der erklärt wie man den Firefox Sync zukünftig auch mit OpenID oder OAuth koppeln könnte:The user must have a way of proving to a third-party service that they really are who they claim, and for the Mozilla service to provide information back to the third-party service that access has been granted. The OpenID and OAuth protocols provide what we need here, and the OpenID/OAuth hybrid flow has been described.
Once this is done, the third party service will be able to establish a relationship with the Weave Sync service for a user, without the user disclosing his or her password.
» Stay in Sync With Your Firefox
» Firefox Sync Graduates from Mozilla Labs
» Secure Data SharingRDFa 1.1 – Alles neu, alles anders
Dank HTML5 (ohne X) wurde RDFa noch einmal grundlegend überdacht. In der Version 1.1 werden die RDF-Vocabularies beispielsweise nicht mehr über Namespaces definiert. Früher:<a xmlns:cc="http://creativecommons.org/ns#" rel="cc:license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/">a>.Code-Sprache: HTML, XML (xml)Jetzt:
<a prefix="cc: http://creativecommons.org/ns#" rel="cc:license" href="http://creativecommons.org/licenses/by-nc-nd/3.0/">a>.Code-Sprache: HTML, XML (xml)Grund der Änderung: HTML kennt im Gegensatz zu XHTML keine Namespaces und RDFa soll sowohl in HTML5 als auch in XHTML5 integriert werden.
RDFa checker
Toby Inkster hat einen sehr umfangreichen RDFa checker veröffentlicht:It checks your web page for RDFa and displays any data found there. It also compares your data against the published recommendations from major consumers/users of RDFa data, to see how well your data matches their requirements.
#Firefox #NASCARProblem #OAuth #OExchange #OpenID #RDFa #sync #Video #XAuth
