Prefilling OAuth2 scopes for GitHub Personal Access Tokens (1 mins read).
How to make it easier to set up your OAuth2 scopes on a Personal Access Token with GitHub.
Prefilling OAuth2 scopes for GitLab Personal Access Tokens (1 mins read).
How to make it easier to set up your OAuth2 scopes on a Personal Access Token with GitLab.
<div class="paragraph"> <p>We are excited to announce that we’ve started preparing for Spring Authorization Server 1.0 with plans to release the GA version in November 2022. It has been just over two years since we <a href="https://spring.io/blog/2020/04/15/announcing-the-spring-authorization-server">initially announced</a> this new project, and we have come a long way since its initial development. The project has a full <a href="https://docs.spring.io/spring-authorization-server/docs/current/reference/html/overview.html#feature-list">feature set</a>, and the APIs have stabilized and matured over this time. A lot of effort and care was put into this project to ensure that it can grow and adapt over the next few years.</p> </div> <div class="paragraph"> <p>Spring Authorization Server 1.0 will be based on Spring Security 6.0, which will be based off of <a href="https://spring.io/blog/2021/09/02/a-java-17-and-jakarta-ee-9-baseline-for-spring-framework-6">Spring Framework 6.0</a> and will require a minimum of Java 17 at runtime, as well as a minimum of Tomcat 10 or Jetty 11 (for Jakarta EE 9 compatibility). This major release will inherit the <a href="https://tanzu.vmware.com/support/oss">VMware Tanzu OSS support policy</a>. <a href="https://tanzu.vmware.com/spring-runtime">Commercial support</a>, which offers an extended support period, is also available from VMware.</p> </div>
Go OAuth 2.0 Introspection Client Middleware. Contribute to srikrsna/oauth-introspection development by creating an account on GitHub.
How to set up OAuth2/OpenID Connect authentication with an Architect Framework application.
OpenID Certified™ Relying Party (OpenID Connect/OAuth 2.0 Client) implementation for Node.js. - GitHub - panva/node-openid-client: OpenID Certified™ Relying Party (OpenID Connect/OAuth 2.0 Client) ...
It's been a few days without y'all reading my ✨ Opinions ✨ so here's one about #OAuth2 client credentials, and why you shouldn't use a client secret https://www.jvt.me/posts/2021/11/09/avoid-client-secret/
Why I recommend against using client secret authentication for OAuth2 and OpenID Connect APIs.
Implementing IndieAuth Server Metadata (2 mins read).
Announcing support for OAuth Server Metadata on my IndieAuth Server.
So with the recent discovery that GitHub Actions create an OIDC identity per run, it's possible to configure Vault to allow auth w/ Actions identities and subsequently use that to get access to... anything. Some cleanup required but this is very promising! (c/o @grantorchard)
Mitchell Hashimoto (@mitchellh)Mon, 20 Sep 2021 21:02 +0000
Announcing my new project, tokens-pls, which allows for easier manual testing with the OAuth2 code flow for Public Clients.
How to use the PKCE extension when using the Ruby library rack-oauth2 as an OAuth2 client.
Implementing the Refresh Token Grant in my IndieAuth Server (4 mins read).
Announcing support for long-lived refresh tokens as part of my IndieAuth server.
Setting up Multiple
redirect_uris on the Meetup.com API (2 mins read).
How to allow multiple
redirect_uris on your Meetup.com (OAuth2) API consumer.
You're currently viewing page 1 of 1, of 44 posts.