Aaron Parecki

57°F

#oauth

Hi, I'm Aaron Parecki. I write about OAuth here, and I give talks about OAuth 2.0. Below you'll find my recent posts about various OAuth-related things, including talks I'm giving. I've also written two community resources about OAuth:

OAuth 2.0 Simplified is a guide to OAuth 2.0 focused on writing clients that gives a clear overview of the spec at an introductory level.

In 2017, I published a longer version of this guide as a book, available on oauth.com as well as a print version. The book guides you through building an OAuth server, and covers many details that are not part of the spec. I published this book in conjunction with Okta.

Portland, Oregon

Sat, Feb 4, 2017 11:35am -08:00 #oauth #oauth2

ActivityPub Conference 2020

Oct

2

Oct

3

Oct

4

October 2-4, 2020
3 days
Online

permalink #activitypub #oauth #indieweb #indieauth
Wurreka https://twitter.com/wurreka

@aaronpk LIVE at #GIDS #WEB now covering the latest best practices around #OAuth security currently in development by the IETF OAuth Working Group.

Portland, Oregon • 71°F

Thu, Oct 1, 2020 2:42am +00:00 (liked on Wed, Sep 30, 2020 7:55pm -07:00) #GIDS #WEB #OAuth
Hacking OAuth

Sep

30

September 30, 2020 7:00pm - 8:00pm (-0700)
Online

GIDS.WEB

permalink #oauth #oktadev #security
GIDS.WEB

Sep

30

Oct

1

September 30 through October 1, 2020

Online

permalink #oauth #oktadev
Super excited to be featured on @Auth0's new podcast "Identity Unlocked" talking with @vibronet all about OAuth 2.1! Give it a listen here! https://auth0.com/blog/identity-unlocked-explained-episode-2/

Portland, Oregon • 77°F

17 likes 6 reposts

Mon, Sep 28, 2020 1:35pm -07:00 #auth0 #oauth #identity #oauth21
ActivityPub and OAuth 2.1

continue reading...

4 likes 4 replies 3 mentions

Tue, Sep 22, 2020 7:04pm -07:00 #activitypub #oauth #indieauth #indieweb
Wurreka https://twitter.com/wurreka

As a member of the IETF OAuth Working Group, @aaronpk covers the latest best practices around #OAuth security. Join him LIVE at #GIDS #WEB Thu, 01st Oct, as he examines a few recent high-profile #WebSecurity breaches & discusses how they relate to OAuth: https://www.wurreka.com/ict/virtual-conference/web/session/hacking-oauth

Portland, Oregon • 73°F

Thu, Sep 17, 2020 12:30am +00:00 (liked on Wed, Sep 16, 2020 5:30pm -07:00) #OAuth #GIDS #WEB #WebSecurity
What's New in OAuth and OpenID Connect

Sep

16

September 16, 2020 11:20am - 11:50am (+1000)
Online

API Days Live Australia

View Slides

permalink #apidays #security #oauth #openid
API Days Live Australia

Sep

14

Sep

15

Sep

16

September 14-16, 2020
3 days
Online

permalink #apidays #oauth #security
Alexander Clouter / oauth2-worker · GitLab (gitlab.com)

Fri, Sep 4, 2020 2:23pm -07:00 #oauth #spa #oauth2
How to Think About OAuth Security

Sep

2

September 2, 2020 11:00am - 11:45am (-0700)
Online

Disclosure

View Slides

permalink #oauth #security
Disclosure

Sep

2

September 2, 2020 9:00am - 6:00pm (-0700)
Online

permalink #okta #oauth #security
I'm giving a talk about OAuth security at #DisclosureConf tomorrow! It's not too late to register! https://developer.okta.com/blog/2020/09/01/aaron-parecki-disclosure-conf-2020

Portland, Oregon • 71°F

9 likes 5 reposts 1 reply 1 mention

Tue, Sep 1, 2020 8:33am -07:00 #security #oauth #disclosureconf
What's New in OAuth 2.1

Aug

19

August 19, 2020 10:50am - 11:15am (+0800)
Online

API Days Live Singapore

permalink #oauth #openid #security #apidays
API Days Live Singapore

Aug

18

Aug

19

Aug

20

August 18-20, 2020
3 days
Online

permalink #apidays #oauth #security
OktaDev https://twitter.com/oktadev

Okta now has first-class support for Sign in with Apple! 🍎 Follow this guide to configure Apple as an external IdP in your Okta Developer account! 🚀 https://developer.okta.com/docs/guides/add-an-external-idp/apple/create-an-app-at-idp/ #OAuth #OIDC

Portland, Oregon • 64°F

Wed, Aug 12, 2020 6:44pm +00:00 (liked on Wed, Aug 12, 2020 11:46am -07:00) #OAuth #OIDC
Connect2id https://twitter.com/connect2id

We set out to give an overview of #OAuth 2.1, for developers already familiar with OAuth 2.0 as well as newcomers @DickHardt @aaronpk @tlodderstedt http://c2id.co/8q

Portland, Oregon • 61°F

Thu, Aug 6, 2020 6:03pm +00:00 (liked on Thu, Aug 6, 2020 11:16am -07:00) #OAuth
Least privilege with less effort: Macaroon access tokens in AM 7.0 – Neil Madden (neilmadden.blog)

"The only problem was it turned out that even if you did have the secret key you often couldn’t use the token either, because it was just too hard to get request signing to work reliably. Some brave souls periodically try and revive this idea."

Thu, Jul 30, 2020 10:54am -07:00 #oauth #signing
OAuth 2.1 has officially been adopted by the IETF OAuth working group! 🎉

https://tools.ietf.org/html/draft-ietf-oauth-v2-1-00

I'll be chatting about this and many other updates from last week's security workshop today during OAuth Happy Hour! Join me and bring your questions!

https://www.youtube.com/watch?v=sUEBatNmsbY

Portland, Oregon • 71°F

36 likes 11 reposts 3 replies 1 mention

Thu, Jul 30, 2020 8:51am -07:00 #oauth
Blort™ (Unofficial) 🚫 https://social.tchncs.de/@Blort • Jul 25
@aaronpk
So, have you heard of any progress on the horizon towards a self hostable identity/authorization login service yet?
Still waiting for the day that logging into another Fediverse service is as easy as logging into a new website with Facebook...(or at least that we can see progress towards something like it...) #Mozilla #Persona looked good. Not sure if #ReclaimID is going anywhere. I'd love to hear about it if something is moving forward somewhere...
(Not sure if #Oauth related or not)

I'm doing a talk at #APConf about exactly this... how the fediverse can use #OAuth to achieve exactly this goal! https://conf.activitypub.rocks/

Portland, Oregon • 67°F

Fri, Jul 24, 2020 8:00pm -07:00 #apconf #oauth

older