OAuth – .Nat Zone

OAuth OpenID Connect

Comments back to “Transaction Authorization or why we need to re-think OAuth scopes” by Torsten

Nat May 12, 2019 4 Comments OAuth OpenID Connect

Torsten Lodderstedt’s excellent blog titled “Transaction Authorization or why we need to re-think OAuth scopes” has been floating around for a few weeks. I always…

identity

Todo list for Self-Issued OP to achieve #self-sovereign-identity

Self-issued OP (SIOP) is defined in Chapter 7 of OpenID Connect (2014). If we take that the Identity (set of data related to the entity)…

Financial API OAuth security

Fixing OAuth?

Nat July 20, 2016 No Comments cut-n-paste FAPI mix-up attack OAuth RFC6749 RFC6750

On the 14th and 15th of July, we had the OAuth Security Workshop 2016 at the University of Trier. Further, we had a IETF 96 side meeting…

identity OAuth

JWS, JWT, and others now RFC!

Nat May 20, 2015 No Comments ietf JWS JWT OAuth RFC

It has taken soooo long [1], but JSON Web Signature (JWS), JSON Web Token (JWT) , together with other JW* suite finally are Standard Track…

identity OAuth OpenID Connect

Registered Token Profile for OAuth 2.0

Nat August 3, 2012 1 Comment HoK ietf JWS OAuth security

So, ID Token in OpenID connect is audience restricted to the client while the OAuth bearer access token is audience restricted to the protected resource.…

identity OpenID Connect

The relationship between endpoint responses and response_type, scope pair

Nat February 22, 2012 No Comments OAuth openid response_type scope

So it seems there is a little bit of confusion around what needs to be returned from which endpoint among the readers of OpenID Connect…

identity OpenID Connect

OpenID Connect in a nutshell

Nat January 20, 2012 39 Comments OAuth openid OpenID Connect

When you read the OpenID Connect Specifications, you might feel a little bit intimidated. That’s because they are written in “spec language” and they deal with corner cases,…

identity

Call for nominations for the Kantara Initiative 2011 IDDY (IDentity Deployment of the Year) Awards

Nat October 27, 2010 No Comments iddy Kantara OAuth openid

The call for nominations for the 2011 IDDY (IDentity Deployment of the Year) Awards is now open! Kantara Initiative is excited to continue this awards program for…

identity

Identify Conference #7

Nat June 25, 2010 No Comments idcon OAuth openid

Today, we had the 7th Identity Conference (aka IdCon #7) at Yahoo! Japan. It started at 7pm Japan Time. Detail of the conference is here.…

identity

OpenID TechNight #6

Nat May 29, 2010 1 Comment ab OAuth oidf-j openid

“OpenID TechNight vol.6”, a technical seminar hosted by OpenID Foundation Japan (OIDF-J) took place on May 28, 2010 at NRI. Here is the summary: Introduction…

[…] （日本語機械翻訳。英語原文はこちら） […]

The Evolution of Digital Identity: OpenID’s Journey (SIDI Hub Tokyo Opening Speech) – @_Nat Zone

November 12, 2024 @ 4:30 AM

[…] conference’s content director, I...

[June 4] Join us for a Keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone

June 2, 2024 @ 9:41 PM

[…] this session was planned...

June 2, 2024 @ 9:35 PM

[June 4]I will deliver a keynote speech at the European Identity & Cloud Conference 2024 in Berlin titled “Les Miserables of the Cyber Frontier: The Dueling Narratives of Decentralized Identities.” – .Nat Zone

June 2, 2024 @ 9:31 PM

[…] is the adoptation of...

The Miserable Society and the Identity System: The Dangers of Data Linking as Seen in Victor Hugo’s Les Misérables (2024 EU Version) – .Nat Zone

June 2, 2024 @ 7:04 PM

.Nat Zone

Tag: OAuth

Comments back to “Transaction Authorization or why we need to re-think OAuth scopes” by Torsten

Todo list for Self-Issued OP to achieve #self-sovereign-identity

Fixing OAuth?

JWS, JWT, and others now RFC!

Registered Token Profile for OAuth 2.0

The relationship between endpoint responses and response_type, scope pair

OpenID Connect in a nutshell

Call for nominations for the Kantara Initiative 2011 IDDY (IDentity Deployment of the Year) Awards

Identify Conference #7

OpenID TechNight #6

OpenID Connect in a nutshell

Write an OpenID Connect server in three simple steps

Dummy’s guide for the Difference between OAuth Authentication and OpenID

Making a Javascript OpenID Connect Client in 4 steps

Announcing GAIN: Global Assured Identity Network