Aaron Parecki

#oauth

• 

  Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

  OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

  In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

  Portland, Oregon

  Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2

• Newark (EWR) to Seattle (SEA)

  February 8, 2019 from 9:00am (-0500) to 12:30pm (-0800)

  Alaska Flight 791

  Seattle (SEA) to Portland (PDX)

  February 8, 2019 from 1:30pm to 2:30pm (-0800)

  Alaska Flight 2175

  

  Portland Intl in Portland

  permalink #okta #oauth
• Okta API Workshop

  Feb

  7

  February 7, 2019 12:00pm - 4:00pm (-0500)

  Fishbowl at Dream Midtown

  New York, New York, US

  permalink #okta #oauth #oktadev
• 

  at The Fishbowl

  New York, New York • Thu, February 7, 2019 11:08am

  40.764636 -73.982069

  Setting up for my #OAuth workshop!

  

  New York, NY, United States • 39°F

  1 like 29 Coins

  Thu, Feb 7, 2019 11:08am -05:00 #oauth
• CORS headers for /oauth2/v1/token - Questions - Okta Developer Forums (devforum.okta.com)

  Wed, Feb 6, 2019 8:42pm -05:00 #okta #oauth
• 

  #OReillySACon Come by the @okta booth if you'd like some #oauth cat stickers! Also if you want a PDF of my book and the slides from the talk, make sure we scan your badge!

  

  New York, New York, USA • 62°F

  2 likes 5 replies

  Tue, Feb 5, 2019 5:12pm -05:00 #okta #oreillysacon #oauth
• OAuth: When Things Go Wrong

  Feb

  5

  February 5, 2019 3:50pm - 4:40pm (-0500)

  O'Reilly Software Architecture Conference

  O'Reilly Software Architecture Conference

  View Slides

  Watch Video

  permalink #oauth #oktadev
• O'Reilly Software Architecture Conference

  Feb

  5

  Feb

  6

  February 5-6, 2019
  

  New York Hilton Midtown

  New York, New York, US

  permalink #okta #oauth
• 

  I'm giving a talk on #OAuth at #OReillySACon tomorrow! 3:50pm in Sutton North. I'll have books and cat stickers to give out afterwards too! https://conferences.oreilly.com/software-architecture/sa-ny/public/schedule/detail/75121

  

  New York, New York, USA • 48°F

  22 likes 7 reposts 1 reply

  Mon, Feb 4, 2019 8:28pm -05:00 #okta #oktadev #oreillysacon #oauth
• Portland (PDX) to Newark (EWR)

  February 4, 2019 from 7:45am (-0800) to 4:00pm (-0500)

  Alaska Flight 54

  

  Newark Liberty Intl in Newark

  permalink #okta #oauth
• An alternative way to secure SPAs (with ASP.NET Core, OpenID Connect, OAuth 2.0 and ProxyKit) | leastprivilege.com (leastprivilege.com)

  Mon, Feb 4, 2019 6:56am -08:00 #oauth #spa
• Steve Hutchinson https://twitter.com/IdentityHutch

  Nice rebuttal by @scottbrady91 from @rskltd to Okta's “Nobody Cares About #OAuth or #OpenID Connect.” I agree that developers should care and #identity professionals should elevate the discourse. @idpro_org @openid #OIDC https://www.scottbrady91.com/OAuth/Why-Developers-Do-Care-About-OAuth-and-OpenID-Connect

  Portland, Oregon • 42°F

  Mon, Jan 28, 2019 3:57pm +00:00 (liked on Mon, Jan 28, 2019 8:04am -08:00) #OAuth #OpenID #identity #OIDC
• Scott Brady https://twitter.com/scottbrady91

  Why Developers Do Care About OAuth and OpenID Connect https://www.scottbrady91.com/OAuth/Why-Developers-Do-Care-About-OAuth-and-OpenID-Connect @oktadev @openid #oauth

  Portland, Oregon • 42°F

  Mon, Jan 28, 2019 1:22pm +00:00 (liked on Mon, Jan 28, 2019 8:03am -08:00) #oauth
• Why Developers Do Care About OAuth and OpenID Connect - Scott Brady (www.scottbrady91.com)

  Mon, Jan 28, 2019 8:02am -08:00 #oauth #okta
• Chaining Tricky OAuth Exploitation To Stored XSS – Rohan Aggarwal – Medium (medium.com)

  Sun, Jan 27, 2019 4:48pm -08:00 #oauth #security #xss
• 

  If you've ever needed a link to send someone to explain why OAuth secrets aren't safe in mobile apps, I made you a thing: https://developer.okta.com/blog/2019/01/22/oauth-api-keys-arent-safe-in-mobile-apps

  San Francisco, California, USA • 59°F

  13 likes 10 reposts 3 replies

  Tue, Jan 22, 2019 4:09pm -08:00 #oauth #oauth2 #api #security
• The State of the Implicit Flow in OAuth2 | brockallen (brockallen.com)

  Thu, Jan 3, 2019 2:27pm -08:00 #oauth #oauth2
• 

  A pretty good step-by-step walkthrough of the @oauth2 PKCE flow by @afitnerd https://developer.okta.com/blog/2018/12/13/oauth-2-for-native-and-mobile-apps
  
  and yes it's pronounced "pixie"

  Springfield Gardens, New York • 50°F

  2 likes 3 reposts 1 reply 1 mention

  Fri, Dec 14, 2018 12:19pm -05:00 #oauth #pkce
• New York (JFK) to Los Angeles (LAX)

  December 14, 2018 from 7:10am (-0500) to 10:36am (-0800)

  Alaska Flight 420

  Los Angeles (LAX) to Portland (PDX)

  December 14, 2018 from 11:00am to 1:35pm (-0800)

  Alaska Flight 1795

  

  Portland Intl in Portland

  permalink #oauth #okta
• 

  Take 3 minutes to learn how OAuth access tokens are like a hotel keycard! 🔐💳
  https://www.youtube.com/watch?v=BNEoKexlmA4 (Filmed last week at my hotel!)

  10 likes 7 reposts 1 reply

  Thu, Dec 13, 2018 2:54pm -05:00 #oauth
• What is going on with OAuth 2.0? And why you should not use it for authentication. (medium.com)

  Thu, Dec 13, 2018 1:16pm -05:00 #oauth