66°F

Aaron Parecki

  • Articles
  • Notes
  • Photos

#oauth

  • Aaron Parecki

    Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

    OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

    In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

    Portland, Oregon
    #oauth #oauth2
    Sat, Feb 4, 2017 11:35am -08:00
  • Las Vegas (LAS) to Portland (PDX)
    June 2, 2023 from 2:30pm to 4:49pm (-0700)
    Alaska Flight 683
    Portland Intl in Portland
    #okta #identiverse #oauth #openid
    permalink
  • Identiverse 2023
    May
    30
    Jun
    2
    May 30 through June 2, 2023
    4 days
    ARIA Resort & Casino
    Las Vegas, Nevada, US
    #identiverse #okta #oauth #openid
    permalink
  • Portland (PDX) to Las Vegas (LAS)
    May 30, 2023 from 10:40am to 12:54pm (-0700)
    Alaska Flight 726
    Mc Carran Intl in Las Vegas
    #identiverse #oauth #openid #okta
    permalink
  • Tokyo (HND) to Dallas-Fort Worth (DFW)
    March 31, 2023 from 6:15pm (+0900) to 3:33pm (-0500)
    American Airlines Flight 176
    Dallas-Fort Worth (DFW) to Portland (PDX)
    March 31, 2023 from 5:07pm (-0500) to 7:17pm (-0700)
    American Airlines Flight 1986
    Portland Intl in Portland
    #okta #oauth #ietf
    permalink
  • IETF 116 Yokohama
    Mar
    27
    Mar
    …
    Mar
    31
    March 27-31, 2023
    5 days
    InterContinental Yokohama Grand, an IHG Hotel
    Yokohama, Kanagawa, JP
    #ietf #oauth #okta
    permalink
  • Japan
    Mar
    19
    Mar
    …
    Mar
    31
    March 19-31, 2023
    13 days
    Yokohama
    Yokohama, Kanagawa, JP
    #ietf #oauth
    permalink
  • Portland (PDX) to San Francisco (SFO)
    March 19, 2023 from 8:00am to 9:50am (-0700)
    Alaska Flight 1110
    San Francisco (SFO) to Tokyo (HND)
    March 19, 2023 at 3:20pm (-0700) until Mar 20 at 6:45pm (+0900)
    JAL Flight 1
    Tokyo Intl in Tokyo
    #okta #oauth #ietf
    permalink
  • OAuth Support in Bluesky and AT Protocol

    Bluesky, a new social media platform and AT Protocol, is unsurprisingly running up against the same challenges and limitations that Flickr, Twitter and many other social media platforms faced in the 2000s: passwords!
    continue reading...
    12 likes 1 repost 8 replies 2 mentions
    #oauth #indieauth #bluesky #atproto #indieweb #indieauth
    Thu, Mar 9, 2023 5:09pm -08:00
  • Aaron Parecki
    another day, another account takeover caused by an open redirector and the OAuth Implicit flow 🫠

    https://salt.security/blog/traveling-with-oauth-account-takeover-on-booking-com
    Portland, Oregon • 40°F
    14 likes 4 reposts 1 reply
    #oauth #security
    Thu, Mar 2, 2023 10:16am -08:00
  • Aaron Parecki
    I've given many talks about how mobile apps can't be deployed with a secret, and using Twitter's 2013 "hacks" as an example. I'm just going to leave this completely unrelated string of random characters here for no particular reason

    GgDYlkSvaPxGxC4X8liwpUoqKwwr3lCADbz8A7ADU
    Portland, Oregon, USA • 43°F
    100 likes 52 reposts 10 replies
    #twitter #oauth #security
    Thu, Feb 2, 2023 8:12pm -08:00
  • Aaron Parecki
    PSA: If you use Twitter to sign in to stuff, you should double check you have another way to get in to those accounts asap. With Twitter charging ??? for API access next week, you have no way of knowing whether the apps you use are going to pay that.
    Portland, Oregon, USA • 49°F
    140 likes 139 reposts 11 replies 5 mentions
    #oauth #twitter
    Thu, Feb 2, 2023 4:23pm -08:00
  • Leveraging Web Workers to Safely Store Access Tokens - The New Stack (thenewstack.io)
    #oauth #spa #browser
    Tue, Jan 31, 2023 5:48pm -08:00
  • Aaron Parecki
    It's been a while since I've set up an Amazon Echo device. Do I need to come over there and teach some Amazon folks about the OAuth Device Flow? There is a better way than making me type my password on this screen!
    Portland, Oregon, USA • 45°F
    44 likes 8 reposts 4 replies 1 mention
    #oauth
    Fri, Jan 27, 2023 9:20pm -08:00
  • Aaron Parecki
    It's here! My new video course "Advanced OAuth Security" is now available on Udemy!

    In this course we break down the jargon in the high-security OAuth specs like PAR, JAR, JARM, DPoP, Mutual TLS, HTTP Signatures and more!

    https://oauth2simplified.com/advanced-oauth
    Portland, Oregon, USA • 43°F
    73 likes 16 reposts 7 replies 2 mentions
    #oauth
    Thu, Dec 29, 2022 11:28am -08:00
  • Aaron Parecki
    I've got an ad spot opening up in the new year on https://oauth.net! This is *the* hub for everything about OAuth online. Text-only ads, and usually has a high clickthrough rate!

    Get in touch if you'd like to get your business in front of 150,000 people a month!
    Portland, Oregon, USA • 34°F
    6 likes 3 reposts 1 reply
    #oauth
    Wed, Dec 21, 2022 9:33am -08:00
  • OAuth WG

    OAuth for Browser-Based Apps Draft 12

    I just published a revised version of OAuth for Browser-Based Apps based on the feedback and discussion at IETF 115 London!
    continue reading...
    #oauth #ietf
    Tue, Dec 6, 2022 4:20pm -08:00
  • The Laws of OAuth

    The first law of OAuth states that the total number of authorized access tokens must remain constant in an isolated system.
    continue reading...
    2 replies
    #chatgpt #openai #oauth
    Fri, Dec 2, 2022 3:00pm -08:00
  • Aaron Parecki
    By popular request, I just published a version of "The Little Book of OAuth 2.0 RFCs" as a free downloadable PDF!

    https://oauth.net/books/#little-book-of-rfcs
    Portland, Oregon, USA • 39°F
    122 likes 43 reposts 10 replies 4 mentions
    #oauth
    Thu, Dec 1, 2022 3:23pm -08:00
  • Aaron Parecki
    This is your scheduled periodic reminder, for no particular reason, that now is a good time to review the third party OAuth apps that have access to your Twitter account, and remove any that you don't recognize or haven't used in a while.

    ➡ https://twitter.com/settings/connected_apps
    Portland, Oregon, USA • 43°F
    47 likes 20 reposts 5 replies
    #oauth #twitter #security
    Tue, Nov 15, 2022 6:36pm -08:00
  • London (LHR) to Portland (PDX)
    November 11, 2022 from 2:25pm (+0000) to 4:35pm (-0800)
    British Airways Flight 267
    Portland Intl in Portland
    #ietf #ietf114 #okta #oktadev #oauth
    permalink
next

Hi, I'm Aaron Parecki, Senior Security Architect at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming and dabble in product design.

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel. Read more.

  • Security Architect at Okta
  • IndieWebCamp Founder
  • OAuth WG Member

  • 🎥 YouTube Tutorials and Reviews
  • 🏠 We're building a triplex!
  • ⭐️ Life Stack
  • ⚙️ Home Automation
  • All
  • Articles
  • Bookmarks
  • Notes
  • Photos
  • Replies
  • Reviews
  • Trips
  • Videos
  • Contact
© 1999-2023 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.
IndieWebCamp Microformats Webmention W3C HTML5 Creative Commons
WeChat ID
aaronpk_tv