Aaron Parecki

#OAuth

• 

  Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

  OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

  In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

  Portland, Oregon

  Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2

• IETF 125 Shenzhen

  Mar

  14

  Mar

  …

  Mar

  20

  March 14-20, 2026
  7 days

  Futian Shangri-La, Shenzhen

  Shen Zhen Shi, Guang Dong Sheng, CN

  permalink #ietf #oauth
• Shenzhen

  Mar

  9

  Mar

  …

  Mar

  22

  March 9-22, 2026
  14 days

  Shenzhen

  Shenzhen, Guangdong Province, CN

  permalink #ietf #oauth
• Portland (PDX) to San Francisco (SFO)

  March 9, 2026 from 7:05am to 9:08am (-0700)

  Alaska Flight 526

  San Francisco (SFO) to Hong Kong (HKG)

  March 9, 2026 at 12:25pm (-0800) until Mar 10 at 7:00pm (+0800)

  Cathay Pacific Flight 879

  

  Hong Kong Intl in Hong Kong

  permalink #ietf #oauth

• Making OAuth Scale Securely for MCPs - Application Security Weekly

  

  The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth’s new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new spec like this.

  continue reading...

  Tue, Dec 9, 2025 11:30am -08:00 #mcp #oauth
• 

  The new MCP spec just dropped! 🎉
  
  There's too many new things to get into everything, but there are two big changes I am most excited about 👀
  
  📝 Client ID Metadata Documents (CIMD) - a simpler way to manage client registrations, clients describe themselves with a URL they control
  🔐 Enterprise-Managed Authorization extension (aka Cross App Access) - eliminate the OAuth redirect and get tokens for an MCP server by requesting them from the enterprise IdP
  
  It's been great working on this with folks like Den Delimarsky, Paul Carleton, David Soria Parra, Nick Cooper, Tyler Leonhardt, and more!
  
  Read more about what these mean for you in my full post
  👉 https://aaronparecki.com/2025/11/25/1/mcp-authorization-spec-update

  Portland, Oregon • 44°F

  1 like

  Tue, Nov 25, 2025 3:11pm -08:00 #oauth #cimd #xaa #mcp
• Cross App Access extends MCP to bring enterprise-grade security to AI agent interactions (www.okta.com)

  Tue, Nov 25, 2025 2:36pm -08:00 #mcp #oauth #xaa
• Arcade.dev and Anthropic advance MCP with new secure authorization flow - SiliconANGLE (siliconangle.com)

  Tue, Nov 25, 2025 2:36pm -08:00 #mcp #oauth

• Client Registration and Enterprise Management in the November 2025 MCP Authorization Spec

  

  The new MCP authorization spec is here! Today marks the one-year anniversary of the Model Context Protocol, and with it, the launch of the new 2025-11-25 specification.

  continue reading...

  1 like 1 mention

  Tue, Nov 25, 2025 1:25pm -08:00 #cimd #oauth #mcp #ai
• Montreal (YUL) to Boston (BOS)

  November 8, 2025 from 1:25pm to 2:52pm (-0500)

  Air Canada Flight 8608

  Boston (BOS) to Portland (PDX)

  November 8, 2025 from 4:46pm (-0500) to 8:07pm (-0800)

  Alaska Flight 1319

  

  Portland Intl in Portland

  permalink #ietf #okta #oauth
• 

  hacking oauth

  

  Montréal, Québec

  Thu, Nov 6, 2025 7:50pm -05:00 #oauth #ietf #365
• feature: Add support for Client ID Metadata Documents (CIMD) by chipgpt · Pull Request #13 · chipgpt/full-stack-saas-mcp (github.com)

  Mon, Nov 3, 2025 8:58pm -05:00 #oauth #cimd #mcp
• IETF 124 Montreal

  Nov

  3

  Nov

  …

  Nov

  7

  November 3-7, 2025
  5 days

  Fairmont The Queen Elizabeth

  Montréal, Québec, CA

  permalink #ietf #oauth #okta
• Portland (PDX) to Boston (BOS)

  November 1, 2025 from 7:00am (-0700) to 3:24pm (-0400)

  Alaska Flight 358

  Boston (BOS) to Montreal (YUL)

  November 1, 2025 from 6:40pm to 8:05pm (-0400)

  Air Canada Flight 8611

  

  Pierre Elliott Trudeau Intl in Montreal

  permalink #ietf #oauth
• Montreal

  Nov

  1

  Nov

  …

  Nov

  8

  November 1-8, 2025
  8 days

  Montreal

  Montreal, Quebec, CA

  permalink #ietf #oauth
• Internet Identity Workshop

  Oct

  28

  Oct

  29

  Oct

  30

  October 28-30, 2025
  3 days

  Computer History Museum

  Mountain View, California, US

  permalink #iiw #oauth #openid #okta
• New CoPhish attack steals OAuth tokens via Copilot Studio agents (www-bleepingcomputer-com.cdn.ampproject.org)

  Sat, Oct 25, 2025 7:32pm -07:00 #oauth #xaa
• San Jose (SJC) to Portland (PDX)

  October 24, 2025 from 3:00pm to 4:46pm (-0700)

  Alaska Flight 2240

  

  Portland Intl in Portland

  permalink #okta #iiw #openid #oauth
• 

  Photos from my session about Client ID Metadata Document at IIW

  

  Mountain View, California, USA

  Wed, Oct 22, 2025 12:09pm -07:00 #iiw #oauth #365 #cimd
• Portland (PDX) to San Jose (SJC)

  October 20, 2025 from 7:01am to 8:56am (-0700)

  Alaska Flight 3256

  

  Norman Y Mineta San Jose Intl in San Jose

  permalink #okta #iiw #openid #oauth
• Mountain View

  Oct

  20

  Oct

  …

  Oct

  24

  October 20-24, 2025
  5 days

  Computer History Museum

  Mountain View, California, US

  permalink #okta #oauth #iiw #openid