OAuth 2.0

From MgmtWiki

Revision as of 11:34, 30 July 2018 by Tom (talk | contribs) (→‎Problems)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Jump to: navigation, search

Contents

1 Full Title or Meme
2 Context
3 Problems
4 Solutions
5 References

Full Title or Meme

The OAuth 2.0 Authorization Framework

Context

In OAuth 2.0

Problems

OAuth 2.0 still depends on shared secrets between services on Web Sites and other internet devices.^[1]
It is still just a collection of parts that can be configured in a wide variety of combinations; most of which are not particularly secure.

Solutions

References

RFC 6749 The OAuth 2.0 Authorization Framework specification
RFC 8252 OAuth 2.0 for Native Apps Specification
↑ Justin Richer, What's Wrong With OAuth 2? https://twitter.com/justin__richer/status/1023738139200778240

Retrieved from "http://tcwiki.azurewebsites.net/index.php?title=OAuth_2.0&oldid=1617"