Aaron Parecki

#oauth

• 

  Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

  OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

  In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

  Portland, Oregon

  #oauth #oauth2

  Sat, Feb 4, 2017 11:35am -08:00

• Vladimir Dzhuvinov 🇪🇺 🇧🇬 https://twitter.com/dzhuvi

  Signed HTTP messages - before & after.
  Presented by @justin__richer at the #OAuth @secworkshop 2021

  

  Portland, Oregon • 56°F

  #OAuth

  Tue, Nov 30, 2021 3:31pm +00:00 (liked on Tue, Nov 30, 2021 4:20pm -08:00)
• Duesseldorf (DUS) to London (LHR)

  November 12, 2021 from 10:40am (+0100) to 11:20am (+0000)

  British Airways Flight 937

  London (LHR) to Seattle (SEA)

  November 12, 2021 from 2:30pm (+0000) to 4:30pm (-0800)

  British Airways Flight 49

  Seattle (SEA) to Portland (PDX)

  November 12, 2021 from 6:05pm to 6:58pm (-0800)

  Alaska Flight 117

  

  Portland Intl in Portland

  #oauth #indieweb

  permalink
• Alex Cio https://twitter.com/alexcio_

  why do we really need #oauth anyway?
  
  @aaronpk talking about the origina of oauth, why it was created, negativ aspects of how oauth is used and how we should use it in the future
  
  #btconf
  #duesseldorf
  #beyondtellerrand

  

  Düsseldorf, Nordrhein-Westfalen

  #oauth #btconf #duesseldorf #beyondtellerrand

  Tue, Nov 9, 2021 11:41am +00:00 (liked on Tue, Nov 9, 2021 1:39pm +01:00)
• Why Do We Really Need OAuth Anyway?

  Nov

  9

  November 9, 2021 12:15pm - 12:45pm (+0100)

  Capitol Theater

  Düsseldorf, Nordrhein-Westfalen, DE

  Beyond Tellerrand

  Watch Video

  #oauth #btconf

  permalink
• Beyond Tellerrand

  Nov

  8

  Nov

  9

  November 8-9, 2021
  

  Capitol Theater

  Düsseldorf, Nordrhein-Westfalen, DE

  #btconf #oauth

  permalink
• Why Is the Majority of Our MFA So Phishable? | LinkedIn (www.linkedin.com)

  #mfa #security #oauth

  Sun, Nov 7, 2021 12:53pm +01:00
• Portland (PDX) to Seattle (SEA)

  November 5, 2021 from 5:10pm to 6:08pm (-0700)

  Alaska Flight 2551

  Seattle (SEA) to London (LHR)

  November 5, 2021 at 7:25pm (-0700) until Nov 6 at 11:50am (+0000)

  British Airways Flight 48

  London (LHR) to Duesseldorf (DUS)

  November 6, 2021 from 1:05pm (+0000) to 3:25pm (+0100)

  British Airways Flight 940

  

  Dusseldorf in Duesseldorf

  #oauth #indieweb

  permalink
• Düsseldorf

  Nov

  5

  Nov

  …

  Nov

  12

  November 5-12, 2021
  8 days

  Düsseldorf

  Düsseldorf, North Rhine-Westphalia, DE

  #indieweb #oauth

  permalink
• Hands-on Introduction to OAuth 2.0

  Nov

  1

  November 1, 2021 10:00am - 2:00pm (-0700)

  Online

  #oauth #oreilly

  permalink
• Mike Jones https://twitter.com/selfissued

  Congratulations to @vibronet for RFC 9068: JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens https://www.rfc-editor.org/rfc/rfc9068.html! He noticed a bunch of parties doing nearly the same thing, thought "time for a standard", and made it happen! #IETF #RFC #OAuth #JWT

  Portland, Oregon • 55°F

  #IETF #RFC #OAuth #JWT

  Fri, Oct 22, 2021 1:00am +00:00 (liked on Thu, Oct 21, 2021 9:24pm -07:00)
• beyond tellerrand https://twitter.com/btconf

  Look who is back in the family: @aaronpk ! With a great talk about #OAuth. Say hello to Aaron and see the details about him and his talk here: https://beyondtellerrand.com/events/dusseldorf-2021/speakers/aaron-parecki

  

  Portland, Oregon • 44°F

  #OAuth

  Thu, Oct 7, 2021 4:45pm +00:00 (liked on Thu, Oct 7, 2021 9:53am -07:00)
• 

  At the end of the day, OAuth is just a way to communicate between services and users, and as such it's easy to grasp and non-controversial.
  
  OAuth solved a universal problem – signing into a web site – and, in doing so, created a new problem: how does a site know it's really you?

  Portland, Oregon, USA • 55°F

  16 likes 4 reposts 1 reply

  #oauth #ai

  Wed, Oct 6, 2021 6:01pm -07:00
• 

  Join me and @vibronet tomorrow for another OAuth Happy Hour! This week seems like a good week to talk about what happens when "Sign In with Facebook" is down.
  
  📅 Oct 7 4pm Pacific
  
  https://www.youtube.com/watch?v=B3a3-JV-dl0

  Portland, Oregon, USA • 51°F

  9 likes 1 mention

  #oauth

  Wed, Oct 6, 2021 9:28am -07:00
• OAuth 2.0 https://twitter.com/oauth_2

  New version available! "The OAuth 2.1 Authorization Framework" https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-04.html by @DickHardt @aaronpk @tlodderstedt #oauth #oauth2 #ietf

  Portland, Oregon • 55°F

  #oauth #oauth2 #ietf

  Wed, Oct 6, 2021 12:51am +00:00 (liked on Tue, Oct 5, 2021 5:52pm -07:00)
• I don’t like Identity Tokens | leastprivilege.com (leastprivilege.com)

  #oauth #oidc #openid #token

  Fri, Oct 1, 2021 4:48pm -07:00
• 

  Join me in 20 minutes over on YouTube for a conversation with @bartosz_io about the future of #OAuth! https://www.youtube.com/watch?v=WPeulphAj6I

  Portland, Oregon • 53°F

  8 likes 4 reposts

  #oauth

  Tue, Sep 28, 2021 9:41am -07:00
• Bartosz.io 👉 wsa.dev https://twitter.com/bartosz_io

  Today at 5 pm GMT we are streaming with @aaronpk to talk about the future of #OAuth 2.1+ 🚀
  
  #websec #websecurity #webdev #webdevelopment
  https://www.youtube.com/watch?v=WPeulphAj6I

  Portland, Oregon • 52°F

  #OAuth #websec #websecurity #webdev #webdevelopment

  Tue, Sep 28, 2021 7:35am +00:00 (liked on Tue, Sep 28, 2021 6:07am -07:00)
• ForgeRock Access Management 7.0.2 > OAuth 2.0 Guide > Authenticating Clients Using Mutual TLS (backstage.forgerock.com)

  #oauth #mtls

  Wed, Sep 22, 2021 4:19pm -07:00
• Nat Sakimura https://twitter.com/_nat_en

  I actually do not agree with the characterization that PAR is an alternative to JAR. PAR complements JAR by profiling it down to a new endpoint called PAR Endpoint at AuthZ server. JAR is normatively required by PAR. #OAuth

  Portland, Oregon • 66°F

  #OAuth

  Wed, Sep 22, 2021 3:16am +00:00 (liked on Tue, Sep 21, 2021 9:25pm -07:00)
• 

  Twitter out here launching support for OAuth 2.0 just in time for OAuth 2.1 to come out 🤦‍♂️🤷‍♂️ https://twitter.com/twitterdev/status/1436020870875656196

  Portland, Oregon, USA • 73°F

  45 likes 6 reposts 10 replies

  #oauth

  Thu, Sep 9, 2021 8:17pm -07:00