OAuth 2.0 for Browser-Based Apps. Abstract: This specification details the security considerations and best practices that must be taken into account when developing browser-based applications that use OAuth 2.0. Discussion Venues: This note is to be removed before publishing as an RFC. Discussion of this document takes place on the Web Authorization Protocol Working Group mailing list (oauth@ietf.
You probably do not need OAuth2, nor OpenID Connect. This is a controversial opinion, even more so because my biggest professional achievements are two of the most successful open source projects in the OAuth2 and OpenID Connect world: Ory Hydra (started in 2015) and Ory Fosite (started in 2016). Those two projects helped spawn a company that raised series A and an open source ecosystem used by millions.
What is XYZ? XYZ is a set of implementations of the Grant Negotiation Authorization Protocol (GNAP), a draft delegation protocol being developed in the spirit of OAuth 2, but designed with the decade of experience that we have now with OAuth 2 and its extensions. XYZ used to be the name of a proposed protocol that was published as an individual draft, but this proposal has been superseded by GNAP.
The server confirms that the subject-identifying information in the received client certificate matches what was registered in advance, and treats this as client authentication. This client authentication method is given the name tls_client_auth (MTLS, 2.1.1. PKI Method Metadata Value). Note that a client certificate does not contain the client ID in the OAuth 2.0 sense, so the client cannot be identified from the client certificate alone. Therefore, when performing client authentication using a client certificate, the client ID must be included in the request separately. Usually the client_id request parameter is used. 1.8. self_signed_tls_client_auth In client authentication using a client certificate, PKI