Aaron Parecki

Let's Clarify some Misunderstandings around Sign In with Apple

tl;dr This is a good move for users in the iOS ecosystem, and is primarily designed as an alternative for apps that currently use "Sign in with [Facebook/Twitter/Google]" to avoid leaking sensitive user info.
continue reading...

145 likes 46 reposts 1 bookmark 27 replies 17 mentions

Tue, Jun 4, 2019 2:44pm -07:00 #appleid #oauth #wwdc19
Alright, if you are curious about "Sign In with Apple," I walk through exactly how it works and what it looks like in this post.

https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

#WWDC19 #OAuth #AppleID

Portland, Oregon, USA

98 likes 46 reposts 4 replies 5 mentions

Tue, Jun 4, 2019 12:43pm -07:00 #wwdc19 #oauth #appleid
Reading all these tweets of people freaking out about Apple requiring apps to use "Sign In with Apple" and feeling another "authentication is not authorization" rant coming. Lots of misunderstanding of sign-in vs accessing APIs. #WWDC19 #OAuth

Portland, Oregon, USA

7 likes 2 reposts 2 replies 1 mention

Mon, Jun 3, 2019 9:12pm -07:00 #wwdc19 #oauth
Initial test of the "Sign in with Apple" API:

• It's more or less based on OAuth + OIDC
• Their documentation is missing a lot of key info to use it right now, I had to guess at a lot of things
• The `sub` claim includes some sort of unique user identifier, not an email

Portland, Oregon, USA

74 likes 23 reposts 8 replies

Mon, Jun 3, 2019 2:21pm -07:00 #oauth
Well this is exciting. 🍎🔐 #AppleID #OAuth #WWDC2019 #WWDC

Portland, Oregon, USA

9 likes 1 repost 2 replies

Mon, Jun 3, 2019 1:38pm -07:00 #appleid #oauth #wwdc2019 #wwdc
at The Rec Room

Toronto, ON, Canada • Tue, May 28, 2019 11:00am

43.64111 -79.386763

Setting up for my talk today! #okta #oauth

Toronto, ON, Canada

78 Coins

Tue, May 28, 2019 11:00am -04:00 #okta #oauth
To anyone who thought partial redirect URL matching in @OAuth_2 is "good enough," read this thread. Complete Periscope account takeover just by viewing a tweet. https://hackerone.com/reports/110293 #oauth

Toronto, Ontario, CAN

13 likes 6 reposts 2 replies

Mon, May 27, 2019 4:54pm -04:00 #oauth
If you're in Toronto you should come to my #OAuth talk tomorrow! 🔐 https://regionalevents.okta.com/oktaapiworkshoptoronto

We'll have food and drinks, and we're giving copies of my book to everyone who attends! 📚

Toronto, Ontario, CAN

9 likes 1 repost 2 replies

Mon, May 27, 2019 3:46pm -04:00 #oauth
Ready to head home after a fun week of #IndieWebCamp, #BTConf, #a11yClub, and teaching two #OAuth workshops. ⁣
⁣Thanks so much to everyone who helped make all of that happen!
⁣
⁣Had a great time back in Düsseldorf and looking forward to coming back next year! ⁣
⁣#travel #condor #lufthansa #longhaulflight #frankfurtairport

Frankfurt Airport in Frankfurt am Main, Hessen, DEU

beyondtellerrand.com indieweb.org

26 likes 2 replies

Thu, May 16, 2019 10:50am +02:00 #indiewebcamp #btconf #a11yclub #oauth #travel #condor #lufthansa #longhaulflight #frankfurtairport
Better Default Security for IndieAuth Login Forms

Last year, I posted a JavaScript snippet that I've started using in all my projects that have an IndieAuth login form, which will automatically add the http scheme if you type a plain domain. This is particularly a problem because the iOS keyboard doesn't include the : character in URL mode.
continue reading...

3 likes 1 reply

Mon, May 13, 2019 12:49am +02:00 #indieweb #indieauth #security #https
Browser APIs have gotten so much better lately! Way easier to do @oauth_2 PKCE in a browser now:

✅ good random number generators
✅ secure hashing functions

Just missing a good base64 encoding function. (Check out the ugly hack in the post.)

https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead#begin-the-pkce-request

Mountain View, California, USA • 49°F

5 likes 1 repost 5 replies

Thu, May 2, 2019 8:25am -07:00 #oauth #javascript #pkce
Just in time for #iiw I published a blog post: "Is the OAuth 2.0 Implicit Flow Dead?" https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead

Mountain View, California, USA • 49°F

18 likes 9 reposts 6 replies

Wed, May 1, 2019 9:30am -07:00 #oauth #iiw
at Mission Rock Resort

San Francisco, California • Thu, April 4, 2019 11:50am

37.765483 -122.386624

#okta afterparty

San Francisco, CA, United States

1 Coin

Thu, Apr 4, 2019 11:50am -07:00 #okta
View from our Developer Hub at #oktane19!

Moscone Center, San Francisco, CA in San Francisco, California, USA

12 likes 1 reply

Thu, Apr 4, 2019 11:37am -07:00 #oktane19
Standing room only for my talk at #oktane19! 🎉 "OAuth: When Things Go Wrong" I had a blast, thanks everyone for coming to the session!
The video will be posted to the @okta YouTube channel soon! .
.
.
#okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail 📷 @quorralyne

Moscone West Convention Center in San Francisco, California, USA • 49°F

20 likes 1 repost 2 replies

Wed, Apr 3, 2019 3:48pm -07:00 #oktane19 #okta #oktane #oauth #security #devrel #facebookfail #twitterfail #googlefail
at Moscone West

San Francisco, California • Wed, April 3, 2019 8:44am

37.783496 -122.40353

#oktane19

San Francisco, CA, United States

20 Coins

Wed, Apr 3, 2019 8:44am -07:00 #oktane19
at Chaat Corner

San Francisco, California • Tue, April 2, 2019 7:55pm

37.783474 -122.398815

#okta team dinner!

San Francisco, CA, United States • 49°F

15 Coins

Tue, Apr 2, 2019 7:55pm -07:00 #okta
Listening to @timberners_lee talk about the history of the web at #oktane19

Moscone West Convention Center in San Francisco, California, USA • 49°F

11 likes 1 repost 1 reply

Tue, Apr 2, 2019 5:19pm -07:00 #oktane19
at Moscone West

San Francisco, California • Tue, April 2, 2019 8:28am

37.783496 -122.40353

#Oktane19

San Francisco, CA, United States

1 like 20 Coins

Tue, Apr 2, 2019 8:28am -07:00 #oktane19
at Moscone West

San Francisco, California • Mon, April 1, 2019 4:47pm

37.783496 -122.40353

#oktane19 begins!

San Francisco, CA, United States • 49°F

2 Coins

Mon, Apr 1, 2019 4:47pm -07:00 #oktane19

older

Aaron Parecki

Let's Clarify some Misunderstandings around Sign In with Apple

Better Default Security for IndieAuth Login Forms