51°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

#OAuth2

  • Aaron Parecki

    Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

    OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

    In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

    Portland, Oregon
    Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2
  • OAuth WG

    New Draft of OAuth for Browser-Based Apps (Draft -11)

    With the help of a few kind folks, we've made some updates to the OAuth 2.0 for Browser-Based Apps draft as discussed during the last IETF meeting in Philadelphia.
    continue reading...
    Thu, Sep 15, 2022 6:04pm -07:00 #oauth #oauth2
  • Aaron Parecki
    "the rich and sometimes troubled history of proof of possession" ... a bit of an understatement #osw7 @__b_c @oauth_2 @secworkshop
    Trondheim, Trøndelag, NOR • 42°F
    10 likes 5 reposts
    Wed, May 4, 2022 11:41am +02:00 #oauth2 #osw7
  • OAuth 2.0 https://twitter.com/oauth_2
    New version available! "The OAuth 2.1 Authorization Framework" https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-04.html by @DickHardt @aaronpk @tlodderstedt #oauth #oauth2 #ietf
    Portland, Oregon • 55°F
    Wed, Oct 6, 2021 12:51am +00:00 (liked on Tue, Oct 5, 2021 5:52pm -07:00) #oauth #oauth2 #ietf
  • Matt Raible https://twitter.com/mraible
    Today is Okta + Auth0's developer day! Learn how to secure APIs, IoT devices, and your JAMstack apps.

    🤓 https://developerday.com

    Tomorrow, we're hosting a full day of labs with hands-on exercises.

    📺 https://developer-day.live

    I hope to see you there!

    #security #oauth2 #oidc
    Seattle, Washington • 54°F
    Tue, Aug 24, 2021 2:41pm +00:00 (liked on Tue, Aug 24, 2021 8:21am -07:00) #security #oauth2 #oidc
  • Matt Raible https://twitter.com/mraible
    If you're into identity, join us next week at our first #DeveloperDay. The speaker lineup looks great! I'll be in the chat and watching along with y'all.

    🗓 https://www.okta.com/developerday/#agenda

    #oktadev #auth0 #oauth2 #oidc
    Portland, Oregon • 69°F
    Tue, Aug 17, 2021 1:37am +00:00 (liked on Mon, Aug 16, 2021 9:12pm -07:00) #DeveloperDay #oktadev #auth0 #oauth2 #oidc
  • Internet ID Workshop https://twitter.com/idworkshop
    Get the latest on Oauth2 from Aaron Parecki @aaronpk One of our featured 101 Sessions Presenters at #IIW - today during Session 2 in Breakout Space B #OAuth2 #OAuth
    Portland, Oregon • 65°F
    Tue, Apr 20, 2021 4:52pm +00:00 (liked on Tue, Apr 20, 2021 11:35am -07:00) #IIW #OAuth2 #OAuth
  • Internet ID Workshop https://twitter.com/idworkshop
    Belated Thanks! Get the latest on Oauth2 from Aaron Parecki @aaronpk One of our featured 101 Sessions Presenters at #IIW today!
    #OAuth2 #OAuth
    Portland, Oregon • 60°F
    Tue, Oct 20, 2020 9:56pm +00:00 (liked on Tue, Oct 20, 2020 2:58pm -07:00) #IIW #OAuth2 #OAuth
  • Alexander Clouter / oauth2-worker · GitLab (gitlab.com)
    Fri, Sep 4, 2020 2:23pm -07:00 #oauth #spa #oauth2
  • APIsecurity.io https://twitter.com/apisecurityio
    OAuth 2.1 is now an official IETF OAuth working group draft: https://tools.ietf.org/html/draft-ietf-oauth-v2-1-00
    OAuth 2.1 is not a new standard but rather security best practices for #OAuth2. So no risk breaking compat, can be adopted right away.
    See @aaronpk talking about it here: https://youtu.be/sUEBatNmsbY
    Portland, Oregon • 63°F
    Mon, Aug 3, 2020 1:00pm +00:00 (liked on Mon, Aug 3, 2020 6:28am -07:00) #OAuth2
  • APIsecurity.io https://twitter.com/apisecurityio
    Want to experiment with different #OAuth2 and #OIDC flows? Check out @aaronpk's OAuth 2.0 Playground: https://www.oauth.com/playground/ and @PhilippeDeRyck's Flow Simulator: https://pragmaticwebsecurity.com/articles/oauthoidc/oauth-flow-simulator.html
    Portland, Oregon • 57°F
    Tue, Jul 14, 2020 1:00pm +00:00 (liked on Tue, Jul 14, 2020 6:01am -07:00) #OAuth2 #OIDC
  • Matt Raible https://twitter.com/mraible
    I'm proud to say that @oktadev is sponsoring this event! @aaronpk and I will be speaking too. #oauth2 #jhipster

    Hope to see you there!
    Portland, Oregon • 51°F
    Mon, Apr 13, 2020 4:54pm +00:00 (liked on Mon, Apr 13, 2020 9:55am -07:00) #oauth2 #jhipster
  • OAuth WG

    First Draft of OAuth 2.1

    I'm happy to share that Dick and Torsten and I have published a first draft of OAuth 2.1. We've taken the feedback from the discussions on the list and incorporated that into the draft.
    continue reading...
    61 likes 27 reposts 2 replies 4 mentions
    Wed, Mar 11, 2020 5:22pm -07:00 #oauth #oauth2 #ietf #oauth21
  • Mark W. Schumann https://twitter.com/MarkWSchumann
    Excellent explanation by @aaronpk of @okta of why PKCE is important in #OAuth2. I feel like @nbarbettini, the guy on the left asking these questions.

    https://oauth.net/2/grant-types/implicit/
    Portland, Oregon • 43°F
    Sat, Jan 11, 2020 10:55pm +00:00 (liked on Sat, Jan 11, 2020 8:04pm -08:00) #OAuth2
  • Aaron Parecki
    Some more info on OAuth 2.1 from the @oktadev blog:

    OAuth 2.1: How many RFCs does it take to change a light bulb?

    https://developer.okta.com/blog/2019/12/13/oauth-2-1-how-many-rfcs
    Portland, Oregon • 46°F
    31 likes 5 reposts 7 replies 2 mentions
    Fri, Dec 13, 2019 10:29am -08:00 #oauth #oauth2
  • Matt Raible https://twitter.com/mraible
    With OAuth 2.1:

    "...there should be no need to document the most secure way to implement OAuth, since that should be the only option available when you read the spec." 👍 #oauth2
    Portland, Oregon • 49°F
    Fri, Dec 13, 2019 2:44am +00:00 (liked on Thu, Dec 12, 2019 6:45pm -08:00) #oauth2
  • It's Time for OAuth 2.1

    Trying to understand OAuth often feels like being trapped inside a maze of specs, trying to find your way out, before you can finally do what you actually set out to do: build your application.
    continue reading...
    107 likes 58 reposts 1 bookmark 2 replies 24 mentions
    Thu, Dec 12, 2019 6:10pm -08:00 #oauth #oauth2 #oauth21
  • It's an OAuth week!

    Now is your chance to join and ask me your OAuth questions!
    continue reading...
    5 likes 3 reposts 1 mention
    Mon, Dec 9, 2019 1:28pm -08:00 #oauth #oauth2
  • Aaron Parecki
    If you missed my talk from @APIdaysAU last month, I just posted the video online!

    Securing Your APIs with #OAuth 2.0: https://youtu.be/PfvSD6MmEmQ
    Amsterdam, Noord-Holland, NLD • 63°F
    13 likes 2 reposts 2 mentions
    Tue, Oct 1, 2019 1:58pm +02:00 #oauth #apidays #apidaysau #oauth2
  • Matt Raible https://twitter.com/mraible
    What's going on with the OAuth 2.0 Implicit flow? From my awesome colleagues @aaronpk and @nbarbettini! https://youtu.be/CHzERullHe8 #oauth2 #implicitflow
    Portland, Oregon
    Tue, Jun 11, 2019 1:37am +00:00 (liked on Mon, Jun 10, 2019 6:50pm -07:00) #oauth2 #implicitflow
  • Arindam Mukherjee https://twitter.com/ErrInDam
    If you've struggled to understand how #OAuth2 works, this one should help:

    https://aaronparecki.com/oauth-2-simplified/
    Portland, Oregon
    1 mention
    Sun, May 19, 2019 9:04am +00:00 (liked on Sun, May 19, 2019 9:20am -07:00) #OAuth2
older

Hi, I'm Aaron Parecki, Director of Identity Standards at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming. (detailed bio)

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Director of Identity Standards at Okta
  • IndieWebCamp Founder
  • OAuth WG Editor
  • OpenID Board Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2025 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv