Aaron Parecki

#openid

  • Clients shouldn’t peek inside access tokens – CloudIdentity (www.cloudidentity.com)
    #oauth #openid #oidc
    Wed, Apr 6, 2022 6:55pm -07:00
  • François' Blog - Generate a JSON Web Key Set from PHP for RSA Keys (www.tuxed.net)
    #php #jwk #jwt #openid #oidc
    Wed, Feb 23, 2022 3:54pm -08:00
  • Aaron Parecki
    Do I know anyone involved with @LoginDotGov? I found a few (minor) issues with the OAuth/OpenID docs there https://developers.login.gov/oidc/
    Portland, Oregon, USA • 29°F
    1 like 1 repost 6 replies
    #gov #openid
    Wed, Feb 23, 2022 9:40am -08:00
  • Torsten Lodderstedt https://twitter.com/tlodderstedt
    Meet you at the definitive place to discuss OAuth/OpenID/GNAP security with practitioners and researchers. #osw7 #oauth #openid
    Portland, Oregon • 60°F
    #osw7 #oauth #openid
    Sat, Feb 12, 2022 4:37pm +00:00 (liked on Sat, Feb 12, 2022 3:50pm -08:00)
  • I don’t like Identity Tokens | leastprivilege.com (leastprivilege.com)
    #oauth #oidc #openid #token
    Fri, Oct 1, 2021 4:48pm -07:00
  • Aaron Parecki
    okay Internet, I need your suggestions:

    I have a static website that I can't modify, and I want to host it on some platform that I can tie to an arbitrary OpenID Connect provider so that only certain people can access it.

    What's the easiest way to do this?
    Portland, Oregon • 83°F
    13 likes 7 reposts 47 replies
    #oauth #openid
    Fri, Jul 23, 2021 3:16pm -07:00
  • Bypassing 2FA using OpenID Misconfiguration (youst.in)
    #openid #security
    Sun, Jun 27, 2021 3:18pm -07:00
  • The SSO Wall of Shame | A list of vendors that treat single sign-on as a luxury feature, not a core security requirement. (sso.tax)
    #sso #openid #security
    Tue, May 25, 2021 4:50pm -07:00
  • FAPI – Financial Grade API (fapi.openid.net)
    #openid #fapi #security
    Wed, Apr 7, 2021 12:11pm -07:00
  • openid / connect / issues / #1200 - Impact of Implicit Grant Removal in OAuth 2.1 — Bitbucket (bitbucket.org)
    #oauth #openid
    Sat, Feb 27, 2021 7:40am -08:00
  • When PKCE Cannot Protect Your Confidential OAuth Client (www.hackmanit.de)
    #oauth #openid #pkce #nonce #security
    Mon, Oct 26, 2020 10:02am -07:00
  • Internet Identity Workshop XXXI
    October 20-22, 2020
    3 days
    Online
    #iiw #oauth #openid #identity
  • What's New in OAuth and OpenID Connect
    September 16, 2020 11:20am - 11:50am (+1000)
    Online
    API Days Live Australia
    #apidays #security #oauth #openid
  • What's New in OAuth 2.1
    August 19, 2020 10:50am - 11:15am (+0800)
    Online
    API Days Live Singapore
    #oauth #openid #security #apidays
  • Hans Zandbelt https://twitter.com/hanszandbelt
    So at first Apple shortcutted OIDC protocol steps in SIWA which rendered them insecure, after fixing that they went on to add extras on top of OIDC which now renders them insecure again. It should be clear to everyone now: don't roll your own. #openid #siwa
    Portland, Oregon • 60°F
    #openid #siwa
    Sun, May 31, 2020 6:43pm +00:00 (liked on Sun, May 31, 2020 12:47pm -07:00)
  • PKCE vs. Nonce: Equivalent or Not? (danielfett.de)
    #oauth #security #pkce #openid #nonce
    Mon, May 18, 2020 4:04pm -07:00
  • Aaron Parecki
    Something about Apple's decision to do "OAuth-but-not-quite" rubbed me the wrong way, but this is a great example of how it breaks down very concretely.

    https://twitter.com/atomicbird/status/1163478833326108673
    Santa Ana, California, USA
    18 likes 9 reposts 6 replies
    #apple #oauth #openid #oidc
    Mon, Aug 19, 2019 2:29pm -07:00
  • Open Letter from the OpenID Foundation to Apple Regarding Sign in with Apple | Hacker News (news.ycombinator.com)
    #openid #appleid
    Sat, Jun 29, 2019 9:51pm -07:00
  • Vidoop secures Messina and Norris – Silicon Florist (siliconflorist.com)
    #pdxtech #vidoop #openid
    Sat, Feb 2, 2019 7:18pm -08:00
  • Steve Hutchinson https://twitter.com/IdentityHutch
    Nice rebuttal by @scottbrady91 from @rskltd to Okta's “Nobody Cares About #OAuth or #OpenID Connect.” I agree that developers should care and #identity professionals should elevate the discourse. @idpro_org @openid #OIDC https://www.scottbrady91.com/OAuth/Why-Developers-Do-Care-About-OAuth-and-OpenID-Connect
    Portland, Oregon • 42°F
    #OAuth #OpenID #identity #OIDC
    Mon, Jan 28, 2019 3:57pm +00:00 (liked on Mon, Jan 28, 2019 8:04am -08:00)
Hi, I'm Aaron Parecki, Senior Security Architect at Okta, and co-founder of IndieWebCamp. I maintain oauth.net, write and consult about OAuth, and participate in the OAuth Working Group at the IETF. I also help people learn about video production and livestreaming and dabble in product design.

I've been tracking my location since 2008 and I wrote 100 songs in 100 days. I've spoken at conferences around the world about owning your data, OAuth, quantified self, and explained why R is a vowel.

© 1999-2023 by Aaron Parecki. Powered by p3k. This site supports Webmention.
Except where otherwise noted, text content on this site is licensed under a Creative Commons Attribution 3.0 License.