Aaron Parecki

#oauth

• 

  Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

  OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

  In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

  Portland, Oregon

  Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2

• OAuth WG

  New OAuth for Browser-Based Apps draft -04

  Hi all,

  continue reading...

  Thu, Sep 26, 2019 3:45pm +02:00 #oauth
• IndieWebCamp and View Source Conference

  Sep

  25

  Oct

  3

  September 25 through October 3, 2019
  9 days

  Amsterdam

  Amsterdam, North Holland, NL

  permalink #indiewebcamp #oauth #viewsourceconf
• Portland (PDX) to Chicago (ORD)

  September 25, 2019 from 6:52am (-0700) to 12:46pm (-0500)

  United Flight 228

  Chicago (ORD) to Frankfurt (FRA)

  September 25, 2019 at 2:30pm (-0500) until Sep 26 at 5:55am (+0200)

  United Flight 944

  

  Frankfurt Main in Frankfurt

  1 mention

  permalink #oauth #indiewebcamp #viewsourceconf
• Torsten Lodderstedt https://twitter.com/tlodderstedt

  Inspired by psd2 & open banking I just published two drafts defining OAuth extensions for a simple and secure way to support complex, fine-grained authorization data https://medium.com/oauth-2/rich-oauth-2-0-authorization-requests-87870e263ecb
  @__b_c @davidgtonge @_panva @_nat_en @justin__richer
  #psd2 #oauth #OpenBanking

  United Flight 99 MEL to LAX

  Sat, Sep 21, 2019 6:54pm +00:00 (liked on Sun, Sep 22, 2019 7:41am +00:00) #psd2 #oauth #OpenBanking
• Archive (mailarchive.ietf.org)

  Sun, Sep 22, 2019 6:47am +00:00 #oauth #implicit
• 

  I'll be giving a talk at @APIDaysAU at 1:30pm today! "Securing your APIs with OAuth".
  
  There will be cats, because I know OAuth can be scary at times.
  
  https://www.apidays.co/melbourne

  Melbourne, Victoria, AUS • 74°F

  7 likes 1 repost

  Fri, Sep 20, 2019 11:59am +10:00 #oauth
• Securing Your APIs with OAuth 2.0

  Sep

  19

  September 19, 2019 1:30pm - 2:00pm (+1000)

  API Days Melbourne

  API Days Melbourne

  View Slides

  Watch Video

  permalink #oauth #api #oktadev #security
• e-sushi https://twitter.com/originalesushi

  Hey @facebook, demanding the secret password of the personal email accounts of your users for verification, or any other kind of use, is a HORRIBLE idea from an #infosec point of view. By going down that road, you're practically fishing for passwords you are not supposed to know!

  

  Sydney, New South Wales • 52°F

  Sun, Mar 31, 2019 11:27pm +00:00 (liked on Tue, Sep 17, 2019 12:04pm +10:00) #infosec #facebook #oauth #security
• Amateur Slacker https://twitter.com/noop_noob   •   Aug 26

  "The process results in a client ID and, in some cases, a client secret, which you embed in the source code of your application. (In this context, the client secret is obviously not treated as a secret.)"
  
  from https://developers.google.com/identity/protocols/OAuth2
  
  I'm confused.
  

  Good find... that is a really confusing sentence. I'm going to try to track that down and see if they can remove it.

  Portland, Oregon, USA

  1 like 2 replies

  Mon, Aug 26, 2019 2:31pm -07:00 #oauth
• Sign In with Apple - Apple Forums (forums.developer.apple.com)

  Fri, Aug 23, 2019 11:45am -07:00 #apple #appleid #oauth #okta
• Sébastien LM https://twitter.com/slemarchand

  Many thanks to @oktadev and @aaronpk for the book "OAuth 2.0 Simplified" #OAuth #Contest

  

  Portland, Oregon

  Wed, Aug 21, 2019 6:42pm +00:00 (liked on Thu, Aug 22, 2019 6:55am -07:00) #OAuth #Contest
• Heather Downing https://twitter.com/quorralyne

  Had a great time auditing @aaronpk's #OAuth & #OIDC workshop today. We have such knowledgeable people on the Dev Advocate team at @oktadev 🥰

  

  Portland, Oregon

  Tue, Aug 20, 2019 1:15am +00:00 (liked on Mon, Aug 19, 2019 8:26pm -07:00) #OAuth #OIDC
• 

  Something about Apple's decision to do "OAuth-but-not-quite" rubbed me the wrong way, but this is a great example of how it breaks down very concretely.
  
  https://twitter.com/atomicbird/status/1163478833326108673

  Santa Ana, California, USA

  18 likes 9 reposts 6 replies

  Mon, Aug 19, 2019 2:29pm -07:00 #apple #oauth #openid #oidc
• 

  :sigh: another day, another website that hardcodes their @oauth_2 client secret in JavaScript 🤦‍♂️

  Oregon City, Oregon, USA

  10 likes 4 replies

  Thu, Aug 1, 2019 10:36am -07:00 #oauth
• 

  at Kings Dining & Entertainment - Boston Seaport

  Boston, Massachusetts • Wed, July 31, 2019 11:02am

  42.352872 -71.047285

  Setting up for my #OAuth workshop!

  

  Boston, MA, United States

  1 like 14 Coins

  Wed, Jul 31, 2019 11:02am -04:00 #oauth
• Montreal (YUL) to Newark (EWR)

  July 26, 2019 from 3:40pm to 5:13pm (-0400)

  Air Canada Flight 7742

  Newark (EWR) to Portland (PDX)

  July 26, 2019 from 6:59pm (-0400) to 10:02pm (-0700)

  United Flight 1572

  

  Portland Intl in Portland

  1 mention

  permalink #okta #oauth #ietf
• 

  at Reuben's Deli & Steaks

  Montreal, QC, Canada • Thu, July 25, 2019 8:13pm

  45.499747 -73.573148

  #OAuth dinner! — with microformats

  

  Montreal, QC, Canada

  foursquare.com/user/13388566

  1 like 51 Coins

  Thu, Jul 25, 2019 8:13pm -04:00 #oauth
• OktaDev https://twitter.com/oktadev

  #GiveawayAlert!
  We're giving away 5 copies of the #OAuth book written by the man himself, @aaronpk 😎
  To enter:
  1. Follow @oktadev
  2. RT this post
  3. Comment what you love and hate about #OAuth
  
  Good luck! Giveaway ends 7/30

  

  Wed, Jul 24, 2019 6:17pm +00:00 (reposted on Thu, Jul 25, 2019 9:21am -04:00) #GiveawayAlert #OAuth #OAuth
• Nat Sakimura https://twitter.com/_nat_en

  Interesting presentation yesterday from @justin__richer on XYZ proposal. Slides were much easier to follow than the draft text.
  There were support from the floor to make it experimental work at #oauth wg. https://datatracker.ietf.org/meeting/105/materials/slides-105-oauth-sessa-transactional-authorization-xyz

  Montréal, Québec

  Wed, Jul 24, 2019 7:00pm +00:00 (liked on Wed, Jul 24, 2019 4:31pm -04:00) #oauth
• New York (LGA) to Boston (BOS)

  July 23, 2019 from 6:00am to 7:00am (-0400)

  Delta Flight 3036

  Boston (BOS) to Montreal (YUL)

  July 23, 2019 from 10:45am to 11:59am (-0400)

  Air Canada Flight 7553

  

  Pierre Elliott Trudeau Intl in Montreal

  1 reply 1 mention

  permalink #okta #ietf #oauth