CRITICAL: Race condition in parse-server OAuth2 can allow token bypass across providers (>=9.0.0 <9.6.0-alpha.11, <8.6.37). Upgrade now! 🔒 radar.offseq.com/threat/cve-2026-32242-cw... #OffSeq #parseServer #OAuth2
The livestream starts NOW! 🔴 Security you can’t prove isn’t security, it’s hope.
Stop relying on manual checks. We’re showing you how to automate your security testing to ensure your API only accepts your trusted tokens.
🔗 Join us now: duende.link/lsjwt26b
#OAuth2 #JWT #DotNet
Join our livestream in 1 HOUR! 📣 JWTs are the industry standard, but are they right for your specific architecture?
We’re breaking down the strategic trade-offs between JWTs vs. Opaque Tokens.
Be there: duende.link/lsjwt26b
#OAuth2 #JWT #DotNet
Tomorrow! Join our livestream on March 3rd.
Stop relying on manual checks. We’re showing you how to automate your security testing to ensure your API only accepts your trusted tokens.
🔗 March 3rd. Be there: duende.link/lsjwt26b
#OAuth2 #JWT #DotNet
JWTs are the industry standard, but are they right for your specific architecture?
We’re breaking down the strategic trade-offs between JWTs vs. Opaque Tokens.
🔗 March 3rd. Be there: duende.link/lsjwt26b
#OAuth2 #JWT #DotNet
I feel like maybe people who work in infosec just don't understand how little brain-power the average developer wants to devote to their fancy auth solution.
Scoped API tokens in Atlassian require you to hit a different API endpoint; they don't work with the same endpoint as unscoped tokens […]
Should you blindly trust JWTs for accessing APIs? 😟
You’ve got OAuth 2.0 and #JWT's, but a single misconfiguration in your library can leave you wide open. Join Wesley to see why "standard" validation isn't always enough.
🔗 Be there on March 3rd: duende.link/lsjwt26b
#OAuth2 #DotNet
In which, Blaine Cook ( @blaine ) explains "What is OAuth?" in the framing not of standards and specifications, nor in technical terms, but instead in this framing:
> “What I need is to understand why it is designed this way, and to see concrete examples of use cases that motivate the design” […]
I'm very happy with the current version of #EzAuth. Authentication should be quick and easy to set up in #Golang. Very close to v1.0.0 #buildinpublic #auth #jwt #oauth2
github.com/josuebrunel/...
Security you can’t prove isn’t security, it’s hope.
Stop relying on manual checks. We’re showing you how to automate your security testing to ensure your API only accepts your trusted tokens.
🔗 March 3rd. Be there: duende.link/lsjwt26b
#OAuth2 #JWT #DotNet
Extracting Salesforce Data in Power BI Using Client Credentials Flow (External Client App Manager): Salesforce data extraction in Power BI doesn’t have to be an issue.
In this post, we explore how to configure a Salesforce… @PowerBI #Salesforce #PowerBI #DataExtraction #OAuth2 #ClientCredentials
OpenID Connect signing key rotation is an essential part of modern security 🔒
We break down the technical & compliance requirements, and how Duende IdentityServer's automatic key management ensures zero-downtime rotation.
duende.link/yhwsz42
#OpenIDConnect #OAuth2 #dotnet
Should you blindly trust JWTs for accessing APIs? 😟
You’ve got OAuth 2.0 and JWTs, but a single misconfiguration in your library can leave you wide open. Join Wesley to see why "standard" validation isn't always enough.
🔗 Be there on March 3rd: duende.link/lsjwt26
#OAuth2 #DotNet #JWT
I spent an evening getting Microsoft OAuth working for a web site. Turns out the token does not contain the email for the user. Which makes it rather useless for login. Did I do something wrong?
Google OAuth is dead simple to get working, just create the credentials. Is MS not similar for […]
a screenshot of the flohmarkt login screen that now features a "use keycloak" button
the default login view of keycloak; a username "harrypotter" and a password are entered
a screenshot of flohmarkt with opened user menu. the menu shows that the harrypotter-user from the former screenshot is now currently logged in.
today, the #flohmarkt software has witnessed its first login via #OIDC #Oauth2. A keycloak installation served as the identity provider. This marks the beginning of the end of our integrate-more-auth-backends saga!
Updated to .NET 10
Alternative flow for OAuth 2.0 First-Party Applications
github.com/damienbod/OA...
#identity #oauth #oauth2 #native #dotnet #aspnetcore #iam #dpop #duende
In summary: The interoperability of standards (OAuth 2.1/OIDC) combined with defense in depth (PKCE, eBPF) is the baseline for any resilient API infrastructure in 2026.
#AppSec #Cybersecurity #Architecture #OAuth2 #OIDC #eBPF #ZeroTrust #CloudNative
Wrote a bash script that creates a very specific JWT for Apple OAuth's client secret parameter based on the Service ID, Team ID, Key ID, and PEM key. AMA
#JWT #OAuth2 #Apple
OpenID Connect signing key rotation is a non-negotiable part of modern security 🔒
We break down the technical and compliance requirements, and how Duende IdentityServer's automatic key management ensures zero-downtime rotation.
duende.link/yhwsz42
#OpenIDConnect #OAuth2 #Security #dotnet
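To prevent service outages caused by access token expiry, you can refresh the token periodically yourself in an n8n workflow and pass that token to the RESTful API.
Of course it can be a bit of a hassle, but anyone who uses n8n is interested in 'automation', so they'd probably be interested in automating token refresh like this too.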
#n8n #sns #자동화 #도전인생 #automation #oauth2
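Of course there may be cases where the refresh works properly within n8n, but in my experience of using it hundreds of times, the token expires in almost all cases. Especially for test apps, it's 100%...
To solve this...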
#n8n #sns #자동화 #도전인생 #automation #oauth2
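If you use n8n, using external RESTful APIs is a must, and for that you should understand OAuth2 properly.
The reason is that integration is usually done via an access token, and if you just use the n8n credential, the service can be interrupted by token expiry.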
#n8n #sns #자동화 #도전인생 #automation #oauth2
Hi Example, In order to complete your request, OpenHistoricalMap needs permission to access information about you, including your email address, on all projects of this site. No changes will be made with your account.
If you contribute to @wikipedia @wikidata #WikimediaCommons #Wikivoyage, you can join OpenHistoricalMap in just a few clicks, without having to juggle yet another password for yet another wiki. It works a lot like our existing OpenStreetMap login support.
#SingleSignOn #OAuth2
Discover how to secure your .NET APIs with OAuth2 and IdentityServer effortlessly! Gain insights into best practices and streamline your API protection process. #OAuth2 #IdentityServer
https://damienbod.com/2025/12/20/digital-authentication-and-identity-validation/
Blogged: Digital Authentication and Identity validation
damienbod.com/2025/12/20/d...
#oidc #identity #iam #swiyu #eid #oauth #dpop #openid #security #ecollecting #authentication #loa #loi #vc #oauth2 #swiss #ch #cybersecurity