OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Parecki - ASW #289
OAuth 2.0 is more than just a single spec, and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always interoperable.
Segment Resources:
- https://oauth.net/2.1
- https://oauth.net/specs/
- https://oauth2simplified.com/
- https://oauth.net/2/dpop/
- https://oauth.net/2/oauth-best-practice/
- https://oauth.net/fapi/
- https://developer.mozilla.org/en-US/docs/Web/API/FedCM_API
Show Notes: https://securityweekly.com/asw-289