Aaron Parecki

53°F

#oauth

Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

Portland, Oregon

Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2

Portland (PDX) to Newark (EWR)

July 22, 2019 from 6:00am (-0700) to 2:13pm (-0400)

United Flight 2248

Newark (EWR) to Montreal (YUL)

July 22, 2019 from 3:50pm to 5:19pm (-0400)

Air Canada Flight 7741

Pierre Elliott Trudeau Intl in Montreal

1 mention

permalink #okta #oauth #ietf
oauth (mailarchive.ietf.org)

Sun, Jul 21, 2019 6:08pm -07:00 #oauth
IETF 105 Montreal

Jul

21

Jul

…

Jul

26

July 21-26, 2019
6 days

Hotel Fairmont The Queen Elizabeth

Montréal, Québec, CA

permalink #okta #ietf #oauth
Some thoughts on adding identity to OAuth XYZ, a new draft spec to be discussed at #ietf105 next week.

If we're going to re-think OAuth from the ground up, we should build in support for common use cases.

https://aaronparecki.com/2019/07/18/17/adding-identity-to-xyz

Kansas City, Missouri, USA

16 likes 8 reposts 1 reply

Fri, Jul 19, 2019 8:55am -05:00 #oauth #xyz #ietf105
Adding Identity to OAuth XYZ

The new draft spec at OAuth.xyz outlines a potential way to completely re-think OAuth from the ground up.
continue reading...

15 likes 6 reposts 1 reply 2 mentions

Thu, Jul 18, 2019 11:18pm -05:00 #oauth #xyz #txaz
Heather Downing https://twitter.com/quorralyne

Come to the @oktadev booth at #KCDC2019 to chat with fun and awesome people about #oauth #security and win stuff in it developer challenge! @briandemers @aaronpk @afitnerd @okta #Okta

Kansas City, Missouri

1 mention

Wed, Jul 17, 2019 3:16pm +00:00 (liked on Wed, Jul 17, 2019 11:08am -05:00) #KCDC2019 #oauth #security #Okta
Heather Downing https://twitter.com/quorralyne

The king of candy bars... & #OAuth! @oktadev @aaronpk

Anaheim, California

1 mention

Fri, Jul 12, 2019 9:03pm +00:00 (liked on Fri, Jul 12, 2019 9:04pm -07:00) #OAuth
privacy/security concerns · Issue #68 · plaid/link (web.archive.org)

Wed, Jun 19, 2019 11:32am +01:00 #bank #security #oauth
‘Sign In With Apple’ Earns Mixed Reactions From App Makers | WIRED (www.wired.com)

Sat, Jun 15, 2019 11:44am -07:00 #press #appleid #apple #oauth
Last week I sat down with @nbarbettini to answer some questions about what's going on with the @OAuth_2 Implicit flow. #oauth 🎥➡ https://www.youtube.com/watch?v=CHzERullHe8

Portland, Oregon, USA

8 likes 4 reposts 2 mentions

Mon, Jun 10, 2019 9:29am -07:00 #oauth #okta #oktadev
I had fun with this one: 7 Ways an OAuth Access Token is like a Hotel Key Card

https://developer.okta.com/blog/2019/06/05/seven-ways-an-oauth-access-token-is-like-a-hotel-key-card

Portland, Oregon, USA

21 likes 9 reposts 2 replies 1 mention

Wed, Jun 5, 2019 9:19am -07:00 #oauth
Is 'Sign in with Apple' Marketing Spin or Privacy Magic? Experts Weigh In | Threatpost (threatpost.com)

Tue, Jun 4, 2019 3:21pm -07:00 #oauth #appleid #press
Kurt Milne https://twitter.com/kurtmilne

Great write up on the new Identity solution Sign In With Apple. It's based on #Oauth and #Openidconnect Thank you @aaronpk

https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

Portland, Oregon

Tue, Jun 4, 2019 9:44pm +00:00 (liked on Tue, Jun 4, 2019 2:56pm -07:00) #Oauth #Openidconnect
Let's Clarify some Misunderstandings around Sign In with Apple

tl;dr This is a good move for users in the iOS ecosystem, and is primarily designed as an alternative for apps that currently use "Sign in with [Facebook/Twitter/Google]" to avoid leaking sensitive user info.
continue reading...

145 likes 46 reposts 1 bookmark 27 replies 17 mentions

Tue, Jun 4, 2019 2:44pm -07:00 #appleid #oauth #wwdc19
Alright, if you are curious about "Sign In with Apple," I walk through exactly how it works and what it looks like in this post.

https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

#WWDC19 #OAuth #AppleID

Portland, Oregon, USA

98 likes 46 reposts 4 replies 5 mentions

Tue, Jun 4, 2019 12:43pm -07:00 #wwdc19 #oauth #appleid
Chris https://mrkapowski.com/

Aaron already has an example of Sign-in With Apple up and running, because of course he has 👍

Portland, Oregon

Tue, Jun 4, 2019 9:25am +01:00 (liked on Tue, Jun 4, 2019 6:16am -07:00) #apple #oauth #open-source #signin with apple
Reading all these tweets of people freaking out about Apple requiring apps to use "Sign In with Apple" and feeling another "authentication is not authorization" rant coming. Lots of misunderstanding of sign-in vs accessing APIs. #WWDC19 #OAuth

Portland, Oregon, USA

7 likes 2 reposts 2 replies 1 mention

Mon, Jun 3, 2019 9:12pm -07:00 #wwdc19 #oauth
Initial test of the "Sign in with Apple" API:

• It's more or less based on OAuth + OIDC
• Their documentation is missing a lot of key info to use it right now, I had to guess at a lot of things
• The `sub` claim includes some sort of unique user identifier, not an email

Portland, Oregon, USA

74 likes 23 reposts 8 replies

Mon, Jun 3, 2019 2:21pm -07:00 #oauth
Well this is exciting. 🍎🔐 #AppleID #OAuth #WWDC2019 #WWDC

Portland, Oregon, USA

9 likes 1 repost 2 replies

Mon, Jun 3, 2019 1:38pm -07:00 #appleid #oauth #wwdc2019 #wwdc
at The Rec Room

Toronto, ON, Canada • Tue, May 28, 2019 11:00am

43.64111 -79.386763

Setting up for my talk today! #okta #oauth

Toronto, ON, Canada

78 Coins

Tue, May 28, 2019 11:00am -04:00 #okta #oauth

older