It's been a while since I've set up an Amazon Echo device. Do I need to come over there and teach some Amazon folks about the OAuth Device Flow? There is a better way than making me type my password …
by 
Jamie Tanna
.
#oauth.
OAuth 1.0 client package for Go. Contribute to gomodule/oauth1 development by creating an account on GitHub.
by Jamie Tanna
.
#oauth.
https://twitter.com/edent/status/1486371729987575813
Yes to variable expiry, but on refresh tokens not access tokens. Access tokens should always be short lived to the point you don't care. But stick it on the refresh token (or make it standard to allow no refresh at all, so it expires after that first hour) - that'd be cool!Steven Pears (@StevenPears)Wed, 26 Jan 2022 16:51 GMT
by Jamie Tanna
.
#oauth.
I wrote this 11 years ago. shkspr.mobi/blog/2011/01/o… I really wish more OAuth services would use the `expires_in` response. It would be great if you could authorise a service for a specified and limited amount of time.Terence Eden (@edent)Wed, 26 Jan 2022 16:13 GMT
by Jamie Tanna
.
#oauth.
https://twitter.com/scanlime/status/1462921099830706176
oauth, but for zoomers💾😺 #1 webring stan ⟦ prev | random | next ⟧ (@GalacticFurball)Mon, 22 Nov 2021 23:23 GMT
by Jamie Tanna
.
#oauth.
Why You Should Avoid using Client Secret Authentication for OAuth2 Client Credentials (7 mins read).
Why I recommend against using client secret authentication for OAuth2 and OpenID Connect APIs.
by Jamie Tanna
.
#oauth
#oauth2
#oidc
#security.
Tumblr's API is now OAuth2: engineering.tumblr.com/post/666127838… A significant security upgrade from what they had used previously (OAuth1.0a), let's see if @twitterdev will catch up to the @tumblr team.Emelia 👸🏻 (@ThisIsMissEm)Wed, 27 Oct 2021 15:47 +0000
by Jamie Tanna
.
#oauth2
#oauth
#tumblr
#twitter.
Recommended read: The Phantom Token Approach https://curity.io/resources/learn/phantom-token-pattern/
Recommended read: Top OAuth API Vulnerabilities | Nordic APIs https://nordicapis.com/top-oauth-api-vulnerabilities/
by Jamie Tanna
.
#api
#oauth
#oauth2.
Recommended read: API Tokens: A Tedious Survey https://fly.io/blog/api-tokens-a-tedious-survey/
by Jamie Tanna
.
#authentication
#authorization
#jwt
#paseto
#oauth
#oauth2.
Recommended read: Biscuit, the foundation for your authorization systems https://www.clever-cloud.com/blog/engineering/2021/04/12/introduction-to-biscuit/
by Jamie Tanna
.
#oauth2
#oauth
#security
#jwt
#paseto
#authorization.
Recommended read: Hidden OAuth attack vectors https://portswigger.net/research/hidden-oauth-attack-vectors
by Jamie Tanna
.
#oauth
#oauth2
#oidc
#security.
Recommended read: What's new in OAuth 2.1? https://fusionauth.io/blog/2020/04/15/whats-new-in-oauth-2-1
by Jamie Tanna
.
#oauth2
#oauth.
I couldn't find a comprehensive illustration to explain PKCE with OAuth so I made one myself! Pretty happy with how it turned out, what do you think?Kadi Kraman (@kadikraman)Sun, 08 Mar 2020 01:36 GMT
by Jamie Tanna
.
#oauth.
Recommended read: It's Time for OAuth 2.1 https://aaronparecki.com/2019/12/12/21/its-time-for-oauth-2-dot-1
by Jamie Tanna
.
#oauth.
Recommended read: An Illustrated Guide to OAuth and OpenID Connect https://developer.okta.com/blog/2019/10/21/illustrated-guide-to-oauth-and-oidc
by Jamie Tanna
.
#oauth
#oidc.
You're currently viewing page 1 of 1, of 26 posts.
