A deep dive into some advanced OAuth and OpenID Connect topics.
Step-up authentication
Top billing goes to my piece on implementing step-up authentication using the building blocks already provided by OAuth and OpenID Connect. It also includes an emerging standard for APIs to trigger step-up authentication using the WWW-Authenticate header.
Next up is an article on the OAuth side of the UK’s Open Banking standard. If you understand OAuth and you’re looking to learn the many acronyms of Open Banking, then this is the article for you.
I’ve also updated my old ROPC article, adding up-to-date arguments, softening the tone, and improving the structure. I’ve turned comments back on for this article, but we’ll see how that goes…
Last month I decided to block traffic from Russia & Belarus, asking that the reader instead consider protesting the invasion of Ukraine. Around 50 people per day see this request.
Families fleeing the conflict have left their homes with only the items they were able to carry. Help us provide food, water, shelter, healthcare and protection.
