© 2023 Hashnode
#oidc
"Secure your applications, not your network. Verify identity and enforce access controls in the application itself, where they can travel with the application wherever it goes." - John Kindervag, crea…
"Authentication and authorization represent the new perimeter in a world where identity is the new control plane." - Satya Nadella, CEO of Microsoft. Introduction In our previous article, we explored…
Introduction Google is a popular Identity Provider (IdP) option for third-party applications. Google's OAuth 2.0 API implements Open ID Connect (OIDC) specification and is an OpenID Certified vendor, …
Why When erecting CI/ CD Channels to automate the process of planting coffers in AWS via Code( IaC- structure as Code) you need to give your channel runner authorization to emplace those coffers. The …
This guide assumes you manage your infrastructure with Terraform. Here is an example IRSA implementation using Terraform and kubectl. Background Let's say you want to allow your EKS-hosted app to acce…
Background In the early days of Internet, many websites have manage the identities of their registered members themselves. There was no single standard but somehow, people keep track of the usual fields like First Name, Last Name, Email Add…
Series Introduction This series aims to clearly explain the concepts of OAuth and OpenID connect, as briefly as possible. OAuth Before I give you a standard definition for OAuth let's define what OAut…
When you're using Azure WAF and Azure Active Directory OpenID Connect, you can experience the WAF blocking on the rule: SQL Comment Sequence Detected. This is the real solution, please don't use the s…
