Scott Brady's Newsletter

By Scott Brady

Stay up to date with a monthly email containing my latest articles, newest courses, favorite links, and the odd picture of my cats.

Stay up to date with a monthly email containing my latest articles, newest courses, favorite links, and the odd picture of my cats.

By subscribing, you agree with Revue’s Terms of Service and Privacy Policy and understand that Scott Brady's Newsletter will receive your email address.

5

issues

#5・

scottbrady91.com - March '22 - Step-up authentication, UK Open Banking, and an ROPC update

Top billing goes to my piece on implementing step-up authentication using the building blocks already provided by OAuth and OpenID Connect. It also includes an emerging standard for APIs to trigger step-up authentication using the WWW-Authenticate header.

 
#4・

scottbrady91.com - January '22 - Identity tokens, year in review, & Umbraco

My biggest release since the last newsletter is my deep dive into ID tokens. This article looks to dispel some myths around identity tokens and shows just how powerful they can be.

 
#3・

scottbrady91.com - October '21 - XML signing & OAuth updates

XML signing is still something you'll need to do now and then, especially if you deal with SAML as I do. However, safely parsing, signing, and validating XML is not an easy task. In these articles, you'll learn about XML best practices in .NET and how to use …

 
#2・

scottbrady91.com - August '21

This month's article is all about loading Elliptic Curve keys in .NET and the System.Security.Cryptography's ECDsa object. I found myself rewriting this content every other article, so now it's all in one place!

 
#1・

scottbrady91.com - June '21

This month's article covers a question I've received a few times: "Does OAuth's Proof-Key for Code Exchange (PKCE) replace client secrets". The short answer is no, but this article digs into it a bit further than that.