Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Parecki - ASW #289
Manage episode 425689541 series 72776
OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable.
Segment Resources:
- https://oauth.net/2.1
- https://oauth.net/specs/
- https://oauth2simplified.com/
- https://oauth.net/2/dpop/
- https://oauth.net/2/oauth-best-practice/
- https://oauth.net/fapi/
- https://developer.mozilla.org/en-US/docs/Web/API/FedCM_API
Show Notes: https://securityweekly.com/asw-289
4110 tập
Manage episode 425689541 series 72776
OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable.
Segment Resources:
- https://oauth.net/2.1
- https://oauth.net/specs/
- https://oauth2simplified.com/
- https://oauth.net/2/dpop/
- https://oauth.net/2/oauth-best-practice/
- https://oauth.net/fapi/
- https://developer.mozilla.org/en-US/docs/Web/API/FedCM_API
Show Notes: https://securityweekly.com/asw-289
4110 tập
Todos os episódios
×Chào mừng bạn đến với Player FM!
Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.