Aaron Parecki

#OAuth2

• 

  Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

  OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

  In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

  Portland, Oregon

  #oauth #oauth2

  Sat, Feb 4, 2017 11:35am -08:00

• OAuth WG

  New Draft of OAuth for Browser-Based Apps (Draft -11)

  With the help of a few kind folks, we've made some updates to the OAuth 2.0 for Browser-Based Apps draft as discussed during the last IETF meeting in Philadelphia.

  continue reading...

  #oauth #oauth2

  Thu, Sep 15, 2022 6:04pm -07:00
• 

  "the rich and sometimes troubled history of proof of possession" ... a bit of an understatement #osw7 @__b_c @oauth_2 @secworkshop

  

  Trondheim, Trøndelag, NOR • 42°F

  10 likes 5 reposts

  #oauth2 #osw7

  Wed, May 4, 2022 11:41am +02:00
• OAuth 2.0 https://twitter.com/oauth_2

  New version available! "The OAuth 2.1 Authorization Framework" https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-04.html by @DickHardt @aaronpk @tlodderstedt #oauth #oauth2 #ietf

  Portland, Oregon • 55°F

  #oauth #oauth2 #ietf

  Wed, Oct 6, 2021 12:51am +00:00 (liked on Tue, Oct 5, 2021 5:52pm -07:00)
• Matt Raible https://twitter.com/mraible

  Today is Okta + Auth0's developer day! Learn how to secure APIs, IoT devices, and your JAMstack apps.
  
  🤓 https://developerday.com
  
  Tomorrow, we're hosting a full day of labs with hands-on exercises.
  
  📺 https://developer-day.live
  
  I hope to see you there!
  
  #security #oauth2 #oidc

  Seattle, Washington • 54°F

  #security #oauth2 #oidc

  Tue, Aug 24, 2021 2:41pm +00:00 (liked on Tue, Aug 24, 2021 8:21am -07:00)
• Matt Raible https://twitter.com/mraible

  If you're into identity, join us next week at our first #DeveloperDay. The speaker lineup looks great! I'll be in the chat and watching along with y'all.
  
  🗓 https://www.okta.com/developerday/#agenda
  
  #oktadev #auth0 #oauth2 #oidc

  Portland, Oregon • 69°F

  #DeveloperDay #oktadev #auth0 #oauth2 #oidc

  Tue, Aug 17, 2021 1:37am +00:00 (liked on Mon, Aug 16, 2021 9:12pm -07:00)
• Internet ID Workshop https://twitter.com/idworkshop

  Get the latest on Oauth2 from Aaron Parecki @aaronpk One of our featured 101 Sessions Presenters at #IIW - today during Session 2 in Breakout Space B #OAuth2 #OAuth

  

  Portland, Oregon • 65°F

  #IIW #OAuth2 #OAuth

  Tue, Apr 20, 2021 4:52pm +00:00 (liked on Tue, Apr 20, 2021 11:35am -07:00)
• Internet ID Workshop https://twitter.com/idworkshop

  Belated Thanks! Get the latest on Oauth2 from Aaron Parecki @aaronpk One of our featured 101 Sessions Presenters at #IIW today!
  #OAuth2 #OAuth

  

  Portland, Oregon • 60°F

  #IIW #OAuth2 #OAuth

  Tue, Oct 20, 2020 9:56pm +00:00 (liked on Tue, Oct 20, 2020 2:58pm -07:00)
• Alexander Clouter / oauth2-worker · GitLab (gitlab.com)

  #oauth #spa #oauth2

  Fri, Sep 4, 2020 2:23pm -07:00
• APIsecurity.io https://twitter.com/apisecurityio

  OAuth 2.1 is now an official IETF OAuth working group draft: https://tools.ietf.org/html/draft-ietf-oauth-v2-1-00
  OAuth 2.1 is not a new standard but rather security best practices for #OAuth2. So no risk breaking compat, can be adopted right away.
  See @aaronpk talking about it here: https://youtu.be/sUEBatNmsbY

  Portland, Oregon • 63°F

  #OAuth2

  Mon, Aug 3, 2020 1:00pm +00:00 (liked on Mon, Aug 3, 2020 6:28am -07:00)
• APIsecurity.io https://twitter.com/apisecurityio

  Want to experiment with different #OAuth2 and #OIDC flows? Check out @aaronpk's OAuth 2.0 Playground: https://www.oauth.com/playground/ and @PhilippeDeRyck's Flow Simulator: https://pragmaticwebsecurity.com/articles/oauthoidc/oauth-flow-simulator.html

  Portland, Oregon • 57°F

  #OAuth2 #OIDC

  Tue, Jul 14, 2020 1:00pm +00:00 (liked on Tue, Jul 14, 2020 6:01am -07:00)
• Matt Raible https://twitter.com/mraible

  I'm proud to say that @oktadev is sponsoring this event! @aaronpk and I will be speaking too. #oauth2 #jhipster
  
  Hope to see you there!

  Portland, Oregon • 51°F

  #oauth2 #jhipster

  Mon, Apr 13, 2020 4:54pm +00:00 (liked on Mon, Apr 13, 2020 9:55am -07:00)
• OAuth WG

  First Draft of OAuth 2.1

  I'm happy to share that Dick and Torsten and I have published a first draft of OAuth 2.1. We've taken the feedback from the discussions on the list and incorporated that into the draft.

  continue reading...

  61 likes 27 reposts 2 replies 4 mentions

  #oauth #oauth2 #ietf #oauth21

  Wed, Mar 11, 2020 5:22pm -07:00
• Mark W. Schumann https://twitter.com/MarkWSchumann

  Excellent explanation by @aaronpk of @okta of why PKCE is important in #OAuth2. I feel like @nbarbettini, the guy on the left asking these questions.
  
  https://oauth.net/2/grant-types/implicit/

  Portland, Oregon • 43°F

  #OAuth2

  Sat, Jan 11, 2020 10:55pm +00:00 (liked on Sat, Jan 11, 2020 8:04pm -08:00)
• 

  Some more info on OAuth 2.1 from the @oktadev blog:
  
  OAuth 2.1: How many RFCs does it take to change a light bulb?
  
  https://developer.okta.com/blog/2019/12/13/oauth-2-1-how-many-rfcs

  Portland, Oregon • 46°F

  31 likes 5 reposts 7 replies 2 mentions

  #oauth #oauth2

  Fri, Dec 13, 2019 10:29am -08:00
• Matt Raible https://twitter.com/mraible

  With OAuth 2.1:
  
  "...there should be no need to document the most secure way to implement OAuth, since that should be the only option available when you read the spec." 👍 #oauth2

  Portland, Oregon • 49°F

  #oauth2

  Fri, Dec 13, 2019 2:44am +00:00 (liked on Thu, Dec 12, 2019 6:45pm -08:00)

• It's Time for OAuth 2.1

  

  Trying to understand OAuth often feels like being trapped inside a maze of specs, trying to find your way out, before you can finally do what you actually set out to do: build your application.

  continue reading...

  107 likes 58 reposts 1 bookmark 2 replies 24 mentions

  #oauth #oauth2 #oauth21

  Thu, Dec 12, 2019 6:10pm -08:00

• It's an OAuth week!

  

  Now is your chance to join and ask me your OAuth questions!

  continue reading...

  5 likes 3 reposts 1 mention

  #oauth #oauth2

  Mon, Dec 9, 2019 1:28pm -08:00
• 

  If you missed my talk from @APIdaysAU last month, I just posted the video online!
  
  Securing Your APIs with #OAuth 2.0: https://youtu.be/PfvSD6MmEmQ

  Amsterdam, Noord-Holland, NLD • 63°F

  13 likes 2 reposts 2 mentions

  #oauth #apidays #apidaysau #oauth2

  Tue, Oct 1, 2019 1:58pm +02:00
• Matt Raible https://twitter.com/mraible

  What's going on with the OAuth 2.0 Implicit flow? From my awesome colleagues @aaronpk and @nbarbettini! https://youtu.be/CHzERullHe8 #oauth2 #implicitflow

  Portland, Oregon

  #oauth2 #implicitflow

  Tue, Jun 11, 2019 1:37am +00:00 (liked on Mon, Jun 10, 2019 6:50pm -07:00)
• Arindam Mukherjee https://twitter.com/ErrInDam

  If you've struggled to understand how #OAuth2 works, this one should help:
  
  https://aaronparecki.com/oauth-2-simplified/

  Portland, Oregon

  1 mention

  #OAuth2

  Sun, May 19, 2019 9:04am +00:00 (liked on Sun, May 19, 2019 9:20am -07:00)