Aaron Parecki

64°F

#oauth

Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

Portland, Oregon

Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2

Portland (PDX) to Los Angeles (LAX)

March 26, 2019 from 6:18am to 8:53am (-0700)

American Flight 6056

Los Angeles (LAX) to London (LHR)

March 26, 2019 at 5:35pm (-0700) until Mar 27 at 10:55am (+0000)

American Flight 6185

London (LHR) to Prague (PRG)

March 27, 2019 from 2:40pm (+0000) to 5:45pm (+0100)

American Flight 6635

Ruzyne in Prague

permalink #okta #oauth #ietf #ietf104
Vladimir Dzhuvinov https://twitter.com/dzhuvi

. @dwaite Let's not forget browser based apps could also do without #OAuth, or use a simple backend to handle client side #OAuth #osw2019

• 54°F

Wed, Mar 20, 2019 3:28pm +00:00 (liked on Thu, Mar 21, 2019 7:26am +09:00) #OAuth #OAuth #osw2019
Vladimir Dzhuvinov https://twitter.com/dzhuvi

It's high time to retire the #OAuth 2.0 implicit grant. Browser-based apps should use the code flow with CORS XHR to retrieve the token(s) #osw2019

• 54°F

Wed, Mar 20, 2019 1:45pm +00:00 (liked on Thu, Mar 21, 2019 7:26am +09:00) #OAuth #osw2019
Mike Jones https://twitter.com/selfissued

OAuth Device Flow spec renamed to “OAuth 2.0 Device Authorization Grant” http://self-issued.info/?p=1959 #IETF #OAuth @WilliamDenniss

Portland, Oregon • 49°F

Tue, Mar 12, 2019 4:39am +00:00 (liked on Mon, Mar 11, 2019 9:44pm -07:00) #IETF #OAuth
I'm not at @devnexus this year, but my #OAuth books are! You can win a copy if you're there!
https://twitter.com/oktadev/status/1103679346122915840

Portland, Oregon, USA

4 likes 1 reply

Thu, Mar 7, 2019 9:02am -08:00 #oauth #okta
Danger Casey https://twitter.com/CaseySoftware

Knowing where things break and fail is often more important than knowing where they work..

#oauth #omgwth

Portland, Oregon • 43°F

Fri, Mar 1, 2019 6:37pm +00:00 (liked on Fri, Mar 1, 2019 10:38am -08:00) #oauth #omgwth
Tomorrow morning I'm joining @jlengstorf on Twitch and we're going to add user authentication to a @gatsbyjs site live! This will be my first time using Gatsby, so should be a fun ride!

📅 Thursday, Feb 28
🕘 9:00am Pacific
📺 https://www.twitch.tv/jlengstorf

San Carlos, California • 54°F

38 likes 4 reposts 1 reply

Wed, Feb 27, 2019 9:48pm -08:00 #oauth #gatsby #okta
The video from my @OReillySACon talk is up! "OAuth: When Things Go Wrong" https://www.youtube.com/watch?v=H6MxsFMAoP8

Portland, Oregon, USA • 37°F

11 likes 5 reposts 1 mention

Tue, Feb 26, 2019 11:04am -08:00 #oauth #okta
#202781 Chained Bugs to Leak Victim's Uber's FB Oauth Token (hackerone.com)

Mon, Feb 25, 2019 9:06am -06:00 #oauth #security #hack #bug #uber
[Uber 8k Bug] Login CSRF + Open Redirect = Account Take Over – Ron Chan (ngailong.wordpress.com)

Mon, Feb 25, 2019 9:05am -06:00 #oauth #security
I mentioned in my #OAuth talk last week that I was working on a blog post describing how to add the Device Flow to any OAuth server, and I just finished the post! \o/ 🔐 https://developer.okta.com/blog/2019/02/19/add-oauth-device-flow-to-any-server

Chicago, Illinois, USA • 33°F

11 likes 4 reposts 1 reply

Wed, Feb 20, 2019 12:49pm -06:00 #oauth #oktadev #okta
always fun to google the random strings I make up for my OAuth examples and see who else's API docs and tutorials they end up in: https://www.google.com/search?q=RsT5OjbzRn430zqMLgV3Ia

Portland, Oregon, USA • 37°F

9 likes 1 repost 3 replies

Thu, Feb 14, 2019 3:46pm -08:00 #oauth
I just posted the slides from my #OReillySACon talk last week!

OAuth: When Things Go Wrong

https://speakerdeck.com/aaronpk/oauth-when-things-go-wrong

Portland, Oregon, USA • 41°F

23 likes 8 reposts 1 reply

Tue, Feb 12, 2019 4:20pm -08:00 #oauth #oreillysacon
OAuth 2.0 for Google APIs – 3rd Party Audit Costs Require EmailMonkey to Shutdown | Voice2Biz (www.voice2biz.com)

Tue, Feb 12, 2019 12:26pm -08:00 #oauth #google
Josh Sessink https://twitter.com/JMSessink

Just published a write-up about @azuread OAuth 2.0 Authorization Code Grant Flow in @electronjs with PKCE 👇👇👇
https://link.medium.com/b86pcH8VdU

Another article soon about how to tie this back to a web app without nodeIntegration.

#azure #electron #oauth #javascript #NodeJS

Portland, Oregon • 39°F

Mon, Feb 11, 2019 3:47pm +00:00 (liked on Mon, Feb 11, 2019 8:10am -08:00) #azure #electron #oauth #javascript #NodeJS
Newark (EWR) to Seattle (SEA)

February 8, 2019 from 9:00am (-0500) to 12:30pm (-0800)

Alaska Flight 791

Seattle (SEA) to Portland (PDX)

February 8, 2019 from 1:30pm to 2:30pm (-0800)

Alaska Flight 2175

Portland Intl in Portland

permalink #okta #oauth
Okta API Workshop

Feb

7

February 7, 2019 12:00pm - 4:00pm (-0500)

Fishbowl at Dream Midtown

New York, New York, US

permalink #okta #oauth #oktadev
at The Fishbowl

New York, New York • Thu, February 7, 2019 11:08am

40.764636 -73.982069

Setting up for my #OAuth workshop!

New York, NY, United States • 39°F

1 like 29 Coins

Thu, Feb 7, 2019 11:08am -05:00 #oauth
CORS headers for /oauth2/v1/token - Questions - Okta Developer Forums (devforum.okta.com)

Wed, Feb 6, 2019 8:42pm -05:00 #okta #oauth
#OReillySACon Come by the @okta booth if you'd like some #oauth cat stickers! Also if you want a PDF of my book and the slides from the talk, make sure we scan your badge!

New York, New York, USA • 62°F

2 likes 5 replies

Tue, Feb 5, 2019 5:12pm -05:00 #okta #oreillysacon #oauth

older