Alright, I think we can call it. Between @tlodderstedt's OAuth ... • Aaron Parecki

53°F

Alright, I think we can call it. Between @tlodderstedt's OAuth Security Best Practices and OAuth 2.0 for Browser Apps, the Implicit Flow is dead.

https://tools.ietf.org/html/draft-ietf-oauth-security-topics-09

https://tools.ietf.org/html/draft-parecki-oauth-browser-based-apps-00

https://medium.com/@torsten_lodderstedt/why-you-should-stop-using-the-oauth-implicit-grant-2436ced1c926

Portland, Oregon, USA • 36°F

#oauth #oauth2

Fri, Nov 9, 2018 8:57am -08:00

4 likes 5 reposts 2 mentions
Have you written a response to this? Let me know the URL:

Other Mentions
- Zachary Dunn adhoc.systems/about
  
  Boosted https://aaronparecki.com/2018/11/09/4/implicit
  
  Mon, Nov 12, 2018 8:14am -08:00
- adhoc.systems
  
  Mon, Jan 21, 2019 10:12am -08:00

Posted in /notes using quill.p3k.io