Aaron Parecki

#openid

• I don’t like Identity Tokens | leastprivilege.com (leastprivilege.com)

  #oauth #oidc #openid #token

  Fri, Oct 1, 2021 4:48pm -07:00
• 

  okay Internet, I need your suggestions:
  
  I have a static website that I can't modify, and I want to host it on some platform that I can tie to an arbitrary OpenID Connect provider so that only certain people can access it.
  
  What's the easiest way to do this?

  Portland, Oregon • 83°F

  13 likes 7 reposts 47 replies

  #oauth #openid

  Fri, Jul 23, 2021 3:16pm -07:00
• Bypassing 2FA using OpenID Misconfiguration (youst.in)

  #openid #security

  Sun, Jun 27, 2021 3:18pm -07:00
• The SSO Wall of Shame | A list of vendors that treat single sign-on as a luxury feature, not a core security requirement. (sso.tax)

  #sso #openid #security

  Tue, May 25, 2021 4:50pm -07:00
• FAPI – Financial Grade API (fapi.openid.net)

  #openid #fapi #security

  Wed, Apr 7, 2021 12:11pm -07:00
• openid / connect / issues / #1200 - Impact of Implicit Grant Removal in OAuth 2.1 — Bitbucket (bitbucket.org)

  #oauth #openid

  Sat, Feb 27, 2021 7:40am -08:00
• When PKCE Cannot Protect Your Confidential OAuth Client (www.hackmanit.de)

  #oauth #openid #pkce #nonce #security

  Mon, Oct 26, 2020 10:02am -07:00
• Internet Identity Workshop XXXI

  Oct

  20

  Oct

  21

  Oct

  22

  October 20-22, 2020
  3 days

  Online

  #iiw #oauth #openid #identity

  permalink
• What's New in OAuth and OpenID Connect

  Sep

  16

  September 16, 2020 11:20am - 11:50am (+1000)

  Online

  API Days Live Australia

  View Slides

  #apidays #security #oauth #openid

  permalink
• What's New in OAuth 2.1

  Aug

  19

  August 19, 2020 10:50am - 11:15am (+0800)

  Online

  API Days Live Singapore

  #oauth #openid #security #apidays

  permalink
• Hans Zandbelt https://twitter.com/hanszandbelt

  So at first Apple shortcutted OIDC protocol steps in SIWA which rendered them insecure, after fixing that they went on to add extras on top of OIDC which now renders them insecure again. It should be clear to everyone now: don't roll your own. #openid #siwa

  Portland, Oregon • 60°F

  #openid #siwa

  Sun, May 31, 2020 6:43pm +00:00 (liked on Sun, May 31, 2020 12:47pm -07:00)
• PKCE vs. Nonce: Equivalent or Not? (danielfett.de)

  #oauth #security #pkce #openid #nonce

  Mon, May 18, 2020 4:04pm -07:00
• 

  Something about Apple's decision to do "OAuth-but-not-quite" rubbed me the wrong way, but this is a great example of how it breaks down very concretely.
  
  https://twitter.com/atomicbird/status/1163478833326108673

  Santa Ana, California, USA

  18 likes 9 reposts 6 replies

  #apple #oauth #openid #oidc

  Mon, Aug 19, 2019 2:29pm -07:00
• Open Letter from the OpenID Foundation to Apple Regarding Sign in with Apple | Hacker News (news.ycombinator.com)

  #openid #appleid

  Sat, Jun 29, 2019 9:51pm -07:00
• Vidoop secures Messina and Norris – Silicon Florist (siliconflorist.com)

  #pdxtech #vidoop #openid

  Sat, Feb 2, 2019 7:18pm -08:00
• Steve Hutchinson https://twitter.com/IdentityHutch

  Nice rebuttal by @scottbrady91 from @rskltd to Okta's “Nobody Cares About #OAuth or #OpenID Connect.” I agree that developers should care and #identity professionals should elevate the discourse. @idpro_org @openid #OIDC https://www.scottbrady91.com/OAuth/Why-Developers-Do-Care-About-OAuth-and-OpenID-Connect

  Portland, Oregon • 42°F

  #OAuth #OpenID #identity #OIDC

  Mon, Jan 28, 2019 3:57pm +00:00 (liked on Mon, Jan 28, 2019 8:04am -08:00)
• W3C Workshop on Strong Authentication & Identity

  Dec

  10

  Dec

  11

  December 10-11, 2018
  

  Microsoft Building 27

  Redmond, Washington, US

  #oauth #openid

  permalink
• Petition · OpenID Connect Community Stakeholders: Reform Governance for OpenID Connect · Change.org (www.change.org)

  #openid #openidconnect

  Thu, Jul 26, 2018 11:02am -07:00
• Aaron Parecki https://aaronparecki.com/   •   Mar 7

  End of an era. StackOverflow is dropping support for OpenID. https://meta.stackexchange.com/questions/307647/support-for-openid-ends-on-july-1-2018
  

  In related news, indieauth.com usage is steadily growing. However the vast majority of that is people logging in to StackExchange since it was one of the last remaining OpenID consumers 😂

  

  Portland, Oregon • 40°F

  5 likes 1 reply

  #openid

  Wed, Mar 7, 2018 8:25am -08:00
• 

  End of an era. StackOverflow is dropping support for OpenID. https://meta.stackexchange.com/questions/307647/support-for-openid-ends-on-july-1-2018

  Portland, Oregon • 39°F

  6 likes 3 reposts 5 replies 3 mentions

  #openid #stackoverflow

  Wed, Mar 7, 2018 8:08am -08:00