Alexey Poltorakalexeypoltorak.hashnode.dev·Jun 8, 2024OpenID Connect: From Implicit to Authorization Code with PKCE & BFFIntroduction This article will review the principles behind various OpenID Connect (OIDC) authentication flows, from the simplest to the most modern, highlighting the vulnerabilities present in each. We will explore each of the following OpenID Conne...Discuss·52 readsSecurity
Sitecore Groovesitecoregroove.hashnode.dev·May 28, 2024Sitecore Identity Server behind TLS termination proxySitecore deployments can include TLS termination proxy between end user and the origin server, which decrypts incoming HTTPs traffic and forwards it further over plain HTTP. The main benefit is that origin server is offloaded from decryption and can ...Discuss·33 readsSitecore
Alan Taialantai.hashnode.dev·May 8, 2024FeaturedSecuring CI/CD pipelines with OIDC, GitHub Actions, and TerraformIn regulated industries, where trust is paramount, the security of CI/CD pipelines is a non-negotiable priority. Breaches within these pipelines can expose sensitive customer data and disrupt critical services, leading to devastating consequences. Tr...Akash Moradiya and 4 others are discussing this5 people are discussing thisDiscuss·35 likes·387 readsTerraform
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 11, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 15🧬 Introduction Form Post Response mode is an additional response mode defined by the OAuth2.0 specification which allows Authorization Response parameters to be sent to clients as HTML form values via an HTTP POST request. Normally, if you are using...DiscussOAuth2 and OpenID Connect with WSO2 ISForm Post Response
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 11, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 14🧬 Introduction We have already discussed how you can gain access via the Authorization Code Grant flow. In this article, we will look at an extension of that, how to use Authorization Code Grant flow with PKCE. PKCE is an acronym for Proof Key for C...DiscussOAuth2 and OpenID Connect with WSO2 ISOAuth2
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 11, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 13🧬 Introduction The OIDC specification defines methodologies to manage user sessions and log out the end-users at the authorization server using front-channel communication. In this approach, the login/logout requests from the client application(RP o...DiscussOAuth2 and OpenID Connect with WSO2 ISOAuth2
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 10, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 12🧬 Introduction SAML2.0 Bearer Grant is a grant type in the OAuth2.0 framework that enables the exchange of a SAML2.0 assertion for an OAuth2.0 token. This grant type is defined in the SAML2.0 Profile for OAuth2.0 Client Authentication and Authorizat...DiscussOAuth2 and OpenID Connect with WSO2 ISOAuth2
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 8, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 11🧬 Introduction OAuth2.0 JWT Bearer Grant type is a grant type that enables the exchange of one JWT token for another. When a request is made to the /oauth2/token endpoint, with the JWT Bearer Grant type, the JWT assertion, the Client ID, and the Cli...DiscussOAuth2 and OpenID Connect with WSO2 ISOAuth2
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 8, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 10🧬 Introduction The Refresh Token Grant provides a way for client applications to obtain a new Access Token without requiring the user to re-authenticate. This can help improve the user experience by avoiding unnecessary login prompts and reducing th...DiscussOAuth2 and OpenID Connect with WSO2 ISOAuth2
Nipuna Upekshanipunaupeksha.hashnode.dev·Mar 8, 2024OAuth2 and OpenID Connect with WSO2 IS - Part 9🧬 Introduction The Client Credentials Grant type provides a secure way for client applications to obtain an Access Token without user authentication. This can be useful in scenarios where the client application needs to access its own resources, suc...DiscussOAuth2 and OpenID Connect with WSO2 ISOAuth2
