OAuth 2.0 Pushed Authorization Requests

OAuth 2 Token Introspection

OAuth 2.0 JWT-secured Authorization Requests (JARs)

Увеличили моцареллу для @Lorenzo.bagnati

БУ, ИСПУГАЛСЯ?? #shorts

Farmer narrowly escapes tiger attack

How Much Tape To Stop A Lamborghini?

OAuth 2.0 Pushed Authorization Requests

Рет қаралды 3,850

Jan Goebel

Күн бұрын

Пікірлер: 6

@vladislavzubov2818

@vladislavzubov2818 2 жыл бұрын

Perfect explanation. Thank you for your work man!

@jgoebel 2 жыл бұрын

Glad it was helpful!

@ArvindKumar-oz6jg

@ArvindKumar-oz6jg Жыл бұрын

If an attacker gets hold of the returned request-uri and client-id, there is no way for AS to determine whether the request coming to it is from right source? Seems solved with MTLS client auth

@jgoebel Жыл бұрын

Pushed Authorization Requests essentially protect against a malicious app starting an OAuth flow and requesting more scopes than needed. Even if you do get the request URI, the end user still needs to authenticate. So PARs can add value in high security deployments.

@ArvindKumar-oz6jg

@ArvindKumar-oz6jg Жыл бұрын

@@jgoebel are you active on LinkedIn, would like to connect

@jgoebel Жыл бұрын

@@ArvindKumar-oz6jg yes, the link is in the channel banner on the top right (the LinkedIn symbol) or on my website

OAuth 2 Token Introspection

8:07

OAuth 2 Token Introspection

Jan Goebel

Рет қаралды 8 М.

OAuth 2.0 JWT-secured Authorization Requests (JARs)

8:07

OAuth 2.0 JWT-secured Authorization Requests (JARs)

Jan Goebel

Рет қаралды 3,6 М.

Увеличили моцареллу для @Lorenzo.bagnati

00:48

Увеличили моцареллу для @Lorenzo.bagnati

Кушать Хочу

Рет қаралды 8 МЛН

БУ, ИСПУГАЛСЯ?? #shorts

00:22

БУ, ИСПУГАЛСЯ?? #shorts

Паша Осадчий

Рет қаралды 3 МЛН

Farmer narrowly escapes tiger attack

00:20

Farmer narrowly escapes tiger attack

CTV News

Рет қаралды 12 МЛН

How Much Tape To Stop A Lamborghini?

00:15

How Much Tape To Stop A Lamborghini?

MrBeast

Рет қаралды 237 МЛН

OAuth 2.0 - Rich Authorization Requests (RAR)

12:23

OAuth 2.0 - Rich Authorization Requests (RAR)

Sascha Preibisch

Рет қаралды 361

OAuth 2.0 - a dead simple explanation

9:16

OAuth 2.0 - a dead simple explanation

Jan Goebel

Рет қаралды 24 М.

OAuth 2.0 - Demonstrate Proof-of-Possession

21:27

OAuth 2.0 - Demonstrate Proof-of-Possession

Sascha Preibisch

Рет қаралды 1,5 М.

What is the difference between a PUT and a PATCH request?

9:58

What is the difference between a PUT and a PATCH request?

Jan Goebel

Рет қаралды 10 М.

OAuth 2.0 mutual client authentication (mTLS)

9:52

OAuth 2.0 mutual client authentication (mTLS)

Jan Goebel

Рет қаралды 10 М.

OpenID Connect client authentication: client_secret_jwt and private_key_jwt

6:03

OpenID Connect client authentication: client_secret_jwt and private_key_jwt

Jan Goebel

Рет қаралды 4,8 М.

Увеличили моцареллу для @Lorenzo.bagnati

00:48

Увеличили моцареллу для @Lorenzo.bagnati

Кушать Хочу

Рет қаралды 8 МЛН