Posts tagged "oauth"

100daysofcode 100daysofdevops 100pay 10mistakes 10yearworkanniversary 11 11labs 11tly 11ty 127001

Attacks via a New OAuth flow, Authorization Code Injection, and Whether HttpOnly, PKCE, and BFF Can Help

In this article, we’ll take a close look at an interesting attack vector targeting applications that use OAuth/OIDC. We’ll explore the required preconditions for this attack — and see that they ...

12.04.2025 0 Read More

Clerk vs Auth0: Choosing the Right Authentication Solution

When building a modern web application, robust and user-friendly authentication is crucial. Choosing the right authentication solution can significantly impact your development speed, security, and us...

15.04.2025 0 Read More

Go for Node developers: creating an IDP from scratch - Set-up

Series Intro Nowadays, due to performance constraints a lot of companies are moving away from NodeJS to Go for their network and API stacks. This series is for developers interest in making t...

18.04.2025 0 Read More

The Atlassian OAuth Disaster Nobody’s Talking About

TL;DR: Atlassian 3LO tokens aren’t bound to the specific resource the user consents to. They can expose access to multiple Jira instances — even ones the user never approved — and there’s no ...

20.04.2025 0 Read More

SSO vs OAuth – Understand the Key Difference

If you're building modern web or mobile apps, chances are you've come across terms like SSO, OAuth, and OpenID Connect (OIDC). While they often appear together, they serve different purposes. Here’s...

20.04.2025 0 Read More

Why do we need OAuth ?

There are two perspective here when explaining why do we need OAuth. Lets see the user view first. User Perspective Imagine this: you’re using a slick new PDF editing app that lets you annot...

20.04.2025 0 Read More

JWT Creation and Integration in InterSystems IRIS

What is JWT?JWT (JSON Web Token) is an open standard (RFC 7519) that offers a lightweight, compact, and self-contained method for securely transmitting information between two parties. It is commonly ...

21.04.2025 0 Read More

Going Deeper with Keycloak: Understanding Authorization Services

In the first two parts of this Keycloak series, we covered the fundamentals, how to install Keycloak and get it up and running, and how to secure your RESTful API using Role-Based Access Control (RBAC...

22.04.2025 0 Read More

🔐 What Is OAuth2 and Why It Matters – A Developer's Perspective

...

22.04.2025 0 Read More

How To Use Refresh Token Rotation In AWS Cognito

Finally, a long-awaited feature of AWS Cognito is here. Now, Cognito user pools support the rotation of refresh tokens. In this post, we’ll understand what has changed and how to implement it in you...

04.05.2025 0 Read More

Attacks via a New OAuth flow, Authorization Code Injection, and Whether HttpOnly, PKCE, and BFF Can Help

Clerk vs Auth0: Choosing the Right Authentication Solution

Go for Node developers: creating an IDP from scratch - Set-up

The Atlassian OAuth Disaster Nobody’s Talking About

SSO vs OAuth – Understand the Key Difference

Why do we need OAuth ?

JWT Creation and Integration in InterSystems IRIS

Going Deeper with Keycloak: Understanding Authorization Services

🔐 What Is OAuth2 and Why It Matters – A Developer's Perspective

How To Use Refresh Token Rotation In AWS Cognito

#reading

#popular