March '22 - Step-up authentication, UK Open Banking, and an ROPC update

Scott Brady
A deep dive into some advanced OAuth and OpenID Connect topics.

Step-up authentication
Top billing goes to my piece on implementing step-up authentication using the building blocks already provided by OAuth and OpenID Connect. It also includes an emerging standard for APIs to trigger step-up authentication using the WWW-Authenticate header.
Step-up authentication with OAuth and OpenID Connect
UK Open Banking
Next up is an article on the OAuth side of the UK’s Open Banking standard. If you understand OAuth and you’re looking to learn the many acronyms of Open Banking, then this is the article for you.
Open Banking for OAuth Developers
I’ve also updated my old ROPC article, adding up-to-date arguments, softening the tone, and improving the structure. I’ve turned comments back on for this article, but we’ll see how that goes…
Don't use the OAuth password grant type
Last month I decided to block traffic from Russia & Belarus, asking that the reader instead consider protesting the invasion of Ukraine. Around 50 people per day see this request.
Ukraine Humanitarian Appeal | Disasters Emergency Committee
Scott Brady @scottbrady91
