Changing the authorization code redirect URI is one of the ways by which attackers try to game the OAuth 2.0 authorization framework. This article discusses how this attack works in detail and how this attack can be prevented. If you… Continue Reading →
User Managed Access is an OAuth-based access management protocol that allows owners of resources to passively authorize access to their resources by third parties. To understand how User Managed Access works, it is paramount that you understand how OAuth 2.0… Continue Reading →
OpenID Connect is an authentication protocol built on top of OAuth 2.0 to facilitate identity provision and Single Sign-On.
A primer on OAuth 2.0 for dummies by a dummy.