Cloud Security Alliance News Clipping Site

Tag: OAuth 2.0

  • Hacker News: Refresh vs. Long-lived Access Tokens (2023)

    by

    system automation
    in

    Source URL: https://grayduck.mn/2023/04/17/refresh-vs-long-lived-access-tokens/ Source: Hacker News Title: Refresh vs. Long-lived Access Tokens (2023) Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses the differences between long-lived access tokens and a combination of long-lived refresh tokens with short-lived access tokens, particularly in the context of OAuth 2.0. It highlights the security benefits of…

  • Hacker News: Auth Wiki

    by

    system automation
    in

    Source URL: https://auth.wiki/ Source: Hacker News Title: Auth Wiki Feedly Summary: Comments AI Summary and Description: Yes Summary: The provided text comprehensively discusses various access control mechanisms, emphasizing their importance in security practices and the management of identities and permissions. These topics are highly relevant for professionals in security, particularly concerning identity and access management…

  • Hacker News: Eartho: Open-Source, Privacy-Focused Alternative to Google Sign-In

    by

    system automation
    in

    Source URL: https://github.com/eartho-group/eartho Source: Hacker News Title: Eartho: Open-Source, Privacy-Focused Alternative to Google Sign-In Feedly Summary: Comments AI Summary and Description: Yes Summary: Eartho is an open-source authentication solution that emphasizes user privacy by acting as a layer between users and major authentication providers like Google and Facebook. This unique setup not only protects user…

  • Hacker News: OAuth from First Principles

    by

    system automation
    in

    Source URL: https://stack-auth.com/blog/oauth-from-first-principles Source: Hacker News Title: OAuth from First Principles Feedly Summary: Comments AI Summary and Description: Yes Summary: The text provides a detailed exploration of the OAuth 2.0 authorization process through the lens of security vulnerabilities. It highlights various security attacks that can occur if OAuth is implemented incorrectly, and outlines secure methods…