
Aaron Parecki

  • OAuth WG

    New OAuth for Browser-Based Apps draft -04

    September 26, 2019
    Hi all,

    I've revised the browser-based apps draft to take into account
    everything discussed at the previous IETF meeting in Montreal.

    https://tools.ietf.org/html/draft-ietf-oauth-browser-based-apps-04

    Here's a summary of the changes:
    • Disallow the password grant to bring it in line with the Security BCP
    • Rewrote the section about refresh tokens to allow refresh tokens if they are time-limited or rotated on each use
    • Updated the same-domain JS architecture section to focus more on the design pattern than the domain aspect
    • Added a few more references to the Security BCP

    This addresses all of the feedback from the session except for the one
    open item we had, which was to somehow describe that in some cases an
    access token will be sent down to the browser, and what to keep in
    mind when that is the case. This still needs some discussion on the
    list here.

    Please give it a read and let me know what you think! I think this is
    shaping up quite nicely now.
    Amsterdam, Noord-Holland
    Thu, Sep 26, 2019 3:45pm +02:00 #oauth

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming.

© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.