Aaron Parecki

I've got an ad spot opening up in the new year on https://oauth.net! This is *the* hub for everything about OAuth online. Text-only ads, and usually has a high clickthrough rate!

Get in touch if you'd like to get your business in front of 150,000 people a month!

Remember folks, "token exchange" does *not* mean "let me exchange a customer ID for a token"!

Good thread on how remotely connected Honda, Nissan, Infiniti, and Acura cars were all able to be remotely controlled knowing only the VIN.

https://twitter.com/samwcyo/status/1597792145691246593

This is your scheduled periodic reminder, for no particular reason, that now is a good time to review the third party OAuth apps that have access to your Twitter account, and remove any that you don't recognize or haven't used in a while.

➡ https://twitter.com/settings/connected_apps

What could possibly go wrong? https://twitter.com/racheltobac/status/1588367452043235328

October is cybersecurity awareness month.

Okta is a cybersecurity company.

...coincidence...?

In just 30 minutes, join me and @vibronet for another OAuth Happy Hour! We'll be catching up on all the latest progress in the world of OAuth and OpenID Connect! Bring your questions or just come to hear about what's new! https://youtu.be/Bg7cr9UTP9Q

I'm working on a new video course, (tentatively) called "Advanced OAuth Security"!

If you'd like to be the first to hear when it goes live, you can sign up for my email list here!

https://oauth2simplified.com

Just published a new version of OAuth 2.0 for Browser-Based Apps!

https://www.ietf.org/archive/id/draft-ietf-oauth-browser-based-apps-11.html

If you have feelings about tokens in browsers, please feel free to chime in on the discussion! You can comment on the mailing list or open issues on the GitHub repo linked from the doc!

Just landed in Seattle and realized even tho I fly thru here all the time I barely actually ever leave the airport!

Super excited to be helping out with this event tomorrow tho! There's still space if you want to join!

https://twitter.com/auth0/status/1560628964254679040

In case you needed a reminder about why we care so much about OAuth/OIDC flows being used in the system browser and not embedded browsers, Instagram injects their own tracking code in every web page you visit inside Instagram https://krausefx.com/blog/ios-privacy-instagram-and-facebook-can-track-anything-you-do-on-any-website-in-their-in-app-browser

Heading to Philly for #IETF114! Come find me and say hi! My agenda:

Mon 10-12 OAuth WG
Tue 10-11:30 OAuth Side Meeting
Wed 10-11:30 OAuth Side Meeting
Wed 2-3:30 SCIM Side Meeting
Thu 10-12 GNAP WG
Thu 2-3:30 OAuth Side Meeting
Thu 4-5:30 SCIM Side Meeting
Fri 12:30-2:30 SCIM WG

I can't believe it's already been 3 months since @vibronet and I last hosted an OAuth Happy Hour! Join us tomorrow at 2:30 Pacific to catch up on all the news from the OAuth Security Workshop, #EIC2022, and Identiverse! https://youtu.be/A2l3yNmxOxA