Find an oauth related blog

Below is a list of blogs that are relevant in the space of oauth. Click the displayed title to get details and the link to the blog.

The list contains 13 entrie(s). They are ordered by the authors name.


Aaron Parecki , by Aaron Parecki en

Author Aaron Parecki
Picture Image of Aaron Parecki
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://aaronparecki.com/tag/oauth
Description
I write and post about OAuth topics on my personal blog.

Building OAuth 2.0 Servers , by Aaron Parecki en

Author Aaron Parecki
Picture Image of Aaron Parecki
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://www.oauth.com/
Description
oauth.com is a guide to building OAuth 2.0 servers, written by Aaron Parecki

The API Academy , by Matthew McLarty en

Author Matthew McLarty
Picture Image of Matthew McLarty
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) http://www.apiacademy.co/
Description
The API Academy helps organizations with their strategy, architecture and design for APIs and microservices.

API-University , by Matthias Biehl en

Author Matthias Biehl
Picture Image of Matthias Biehl
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) http://api-university.com/category/blog/
Description
If you?re in charge of initiating, designing or running an API initiative, you?ve got a big responsibility. It isn?t easy. Building APIs your consumers will love is easier said than done. We know what you?re up against. We have built API-University to lend a hand. We make our experiences, best practices, lessons learned and practical know-how available to help you stay on top of it all. Here you get what you need to build APIs that your consumers love.

.Nat Zone - Digital Identity et al. , by Nat Sakimura en

Author Nat Sakimura
Picture Image of Nat Sakimura
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://nat.sakimura.org/
Description
This is a personal blog site of Nat Sakimura, the chairman of the OpenID Foundation. It talks mainly about digital identity and privacy.

How to implement OAuth 2.0 in your API Landscape , by Nicolas Mertens en

Author Nicolas Mertens
Picture Image of Nicolas Mertens
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://www.linkedin.com/pulse/how-implement-oauth-20-your-api-landscape-nicolas-mertens
Description
This article touches the basics of OAuth 2.0 and describes how to implement an OAuth 2.0 Provider into an API Layered Architecture to secure your APIs. It also helps you understand the four OAuth 2.0 flows and explains when to use which flow.

OAuth 2.0 OpenID Connect - Detailed Flow & URI Parameter description , by Nicolas Mertens en

Author Nicolas Mertens
Picture Image of Nicolas Mertens
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://www.linkedin.com/pulse/oauth-20-openid-connect-detailed-flow-uri-parameter-nicolas-mertens
Description
This article takes a deep dive into the technical details (URL parameters and component responsibilities) to successfully implement OAuth 2.0 OpenID Connect in your API Landscape.

Blogs for developers provided by Ping Identity , by Sascha Preibisch en

Author Sascha Preibisch
Picture Image of Sascha Preibisch
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://developer.pingidentity.com/en/blog.html
Description
Different topics on OAuth and OpenID Connect. Also discussions on tools that may help during the development of web projects. For example, a tool that generates the client_secret for Sign In with Apple

Gluu Blog , by William Lowe en

Author William Lowe
Picture Image of William Lowe
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://gluu.org/blog
Description
The Gluu Blog features thoughts, tutorials, and overviews for all things identity and access management.

MAC Token Profile: the Never-Ending Battle over Signatures , by rainer knupfer en

Author rainer knupfer
Picture Image of rainer knupfer
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://www.ti8m.com/blog/MAC-Token-Profile.html
Description
Whilst comparing different authentication schemes such as HTTP Basic Authentication vs. HTTP Digest Access Authentication, one-way SSL vs. two-way SSL, SAML vs. WSS or OAuth 1.0 vs. OAuth 2.0 one notices that they all address similar problems when it comes to apply signatures in order to achieve the known AAA principles.

Authentication Is Good, Trust Is Better. What About Trusting Delegated Identity? , by rainer knupfer en

Author rainer knupfer
Picture Image of rainer knupfer
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://www.ti8m.com/blog/Authentication-is-good-trust-is-Better.html
Description
Trust in a relationship is a must and this is not only holds true for private lives but also in the virtual life. While trustworthiness for established authentication protocols is mainly based on agreement between entities, certificates and keys, trust in the identity delegation context is ambiguous because the owner might not be the consumer of the API. This post addresses some trust concerns when introducing protocols based on identity delegation that de-facto lead to an identity paradigm shift.

Authentication vs. Authorization with OAuth, Does It Really Matter? , by rainer knupfer en

Author rainer knupfer
Picture Image of rainer knupfer
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://www.ti8m.com/blog/authentication-vs-authorization-with-oauth.html
Description
While in the security field the terms authentication and authorization have a clearly defined definition, with the introduction of concepts such as ?delegated authorization? ambiguity might arise. However, it seems that we know what we intend and therefore should we even bother with such discussions?

On the Internet, Nobody Knows You're a Dog ? Identification with OpendIDConnect, the Prelude to , by rainer knupfer en

Author rainer knupfer
Picture Image of rainer knupfer
Blog Language en
Blog URL (clicking the link opens a new window and you are leaving oauth.blog) https://www.ti8m.com/blog/identification-openindconnect.html
Description
When considering authentication, the first thing people think of is identity. However, with the use of new authentication frameworks applied to current business cases, essential security requirements seem to get neglected. Thus, it might just happen that we lose our identity on the internet. This article is part of a series based on different user?s feedback dealing with fundamental security concepts applied to the applicability of authentication and authorization protocols such as OAuth and OpenIDConnect.