Aaron Parecki

#oauth

• 

  Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

  OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

  In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

  Portland, Oregon

  Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2

• OAuth Security Workshop

  Jul

  22

  Jul

  23

  Jul

  24

  July 22-24, 2020
  3 days

  Scandic Nidelven

  Trondheim, Trøndelag, NOR

  permalink #oauth #okta
• 

  I'm going live with @afitnerd in 5 minutes to talk about OAuth, online security, and also chat about yesterday's massive #TwitterHack! Join us, and bring your OAuth questions! https://youtu.be/dJl5wNAPm-w

  Portland, Oregon, USA

  3 likes 1 repost

  Thu, Jul 16, 2020 12:55pm -07:00 #oauth #twitter #security #twitterhack
• An offensive guide to the Authorization Code grant (postvidia.com)

  Tue, Jul 14, 2020 4:58pm -07:00 #oauth #security
• The State of OAuth

  Jun

  30

  June 30, 2020 10:20am - 10:45am (-0700)

  Online

  Interface by API Days

  View Slides

  permalink #oauth
• 

  I'm going live in 10 minutes talking about the State of OAuth at @APIDaysGlobal!
  
  Register for free → https://www.apidays.co/interface

  Portland, Oregon • 63°F

  5 likes 1 repost

  Tue, Jun 30, 2020 10:09am -07:00 #oauth
• Why AnyList Won’t Be Supporting Sign In with Apple - AnyList Blog (blog.anylist.com)

  Mon, Jun 29, 2020 9:21pm -07:00 #apple #oauth
• 

  sneak peek of an image I made for a talk tomorrow
  
  can you guess what it's about?

  

  Portland, Oregon • 73°F

  14 likes 1 repost 10 replies

  Mon, Jun 29, 2020 6:37pm -07:00 #oauth #gollum
• Interface by API Days

  Jun

  30

  Jul

  1

  June 30 through July 1, 2020
  

  Online

  permalink #apidays #oauth

• The Real Cause of the Sign In with Apple Zero-Day

  

  The zero-day bug in Sign In with Apple actually had nothing to do with the OAuth or OpenID Connect part of the Sign In with Apple exchange, and very little to do even with JWTs. Let's take a closer look to see what actually happened.

  continue reading...

  37 likes 19 reposts 1 bookmark 9 replies 25 mentions

  Sun, May 31, 2020 1:49pm -07:00 #oauth #oidc #apple #siwa #security #zeroday
• 

  Going live with @afitnerd in 10 minutes to talk about all things #OAuth and OpenID Connect! I think we might even have a demo of a pretty sneaky attack to show off!
  
  https://youtu.be/moQidjdV5cw

  Portland, Oregon • 56°F

  2 likes 2 reposts

  Thu, May 21, 2020 12:49pm -07:00 #oauth #oidc
• PKCE vs. Nonce: Equivalent or Not? (danielfett.de)

  Mon, May 18, 2020 4:04pm -07:00 #oauth #security #pkce #openid #nonce
• The Wondeful World of OAuth: Bug Bounty Edition - A Bug’z Life - Medium (medium.com)

  Sun, May 17, 2020 10:39pm -07:00 #oauth #security
• 

  About to go live at another #OAuth Happy Hour! We'll be talking about security, sharing the latest updates from the last IETF meeting, and answering your OAuth questions!
  
  https://youtu.be/E4msDjZMRZc

  Portland, Oregon • 56°F

  2 likes

  Thu, May 14, 2020 12:49pm -07:00 #oauth
• Why avoiding LocalStorage for tokens is the wrong solution (pragmaticwebsecurity.com)

  Mon, May 11, 2020 3:34pm -07:00 #oauth #xss #localstorage #security
• Randall Degges https://twitter.com/rdegges

  If you want to know anything about #oauth, you should absolutely join this. @aaronpk and @afitnerd have been doing these livestreams weekly and they're fucking AMAZING.

  Portland, Oregon • 72°F

  Thu, May 7, 2020 8:44pm +00:00 (liked on Thu, May 7, 2020 3:36pm -07:00) #oauth
• How to Hack OAuth

  Apr

  29

  April 29, 2020 1:30pm - 2:10pm (-0700)

  Online

  Goto Chicago

  View Slides

  permalink #oktadev #oauth
• How to Hack OAuth

  Apr

  28

  April 28, 2020 11:30am - 12:10pm (-0700)

  Online

  Goto Chicago

  View Slides

  permalink #oauth #oktadev
• Okta Developer Workshop Boston

  Apr

  23

  April 23, 2020 1:00pm - 3:30pm (-0400)

  permalink #okta #oauth
• 

  Reminder! Join me today at 1pm pacific for an OAuth Happy Hour! 🔐🍻 I'll be answering your #OAuth questions along with my friend @afitnerd!
  
  Details here ➡️ https://events.oauth.net/2020/04/oauth-happy-hour-5aVNs7pL1gE1

  Portland, Oregon • 53°F

  4 likes 1 repost 1 mention

  Thu, Apr 23, 2020 9:53am -07:00 #oauth
• Airman https://twitter.com/airman604

  Outstanding talk about #OAuth and OAuth #security by @aaronpk https://www.youtube.com/watch?v=aU9RsE4fcRM

  Portland, Oregon • 54°F

  Tue, Apr 21, 2020 7:11pm +00:00 (liked on Tue, Apr 21, 2020 12:29pm -07:00) #OAuth #security