Sign up to save your podcasts
Or
Share OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Parecki - ASW #289
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
OAuth 2.0 from Protecting APIs to Supporting Authorization & Authentication - Aaron Parecki - ASW #289
OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable.
Segment Resources:
- https://oauth.net/2.1
- https://oauth.net/specs/
- https://oauth2simplified.com/
- https://oauth.net/2/dpop/
- https://oauth.net/2/oauth-best-practice/
- https://oauth.net/fapi/
- https://developer.mozilla.org/en-US/docs/Web/API/FedCM_API
Show Notes: https://securityweekly.com/asw-289
View all episodes
By Mike Shema
4.8
44 ratings
OAuth 2.0 is more than just a single spec and it's used to protect more than just APIs. We talk about challenges in maintaining a spec over a decade of changing technologies and new threat models. Not only can OAuth be challenging to secure by default, but it's not even always inter-operable.
Segment Resources:
- https://oauth.net/2.1
- https://oauth.net/specs/
- https://oauth2simplified.com/
- https://oauth.net/2/dpop/
- https://oauth.net/2/oauth-best-practice/
- https://oauth.net/fapi/
- https://developer.mozilla.org/en-US/docs/Web/API/FedCM_API
Show Notes: https://securityweekly.com/asw-289
More shows like Application Security Weekly (Video)
View all
Security Now (Audio)
2,011 Listeners
CyberWire Daily
1,028 Listeners
Pod Save America
87,868 Listeners
Darknet Diaries
8,077 Listeners
Hacking Humans
315 Listeners
Cloud Security Podcast
57 Listeners
Cybersecurity Headlines
139 Listeners