YiliaforAPI7api7.hashnode.dev·Jul 4, 2024OpenID vs OAuthTo ensure the security of user information and allow third-party applications to access restricted resources, two mainstream technologies have emerged: OpenID Connect and OAuth. While these two are often discussed together, they fundamentally differ ...Discuss·29 likesOpenID Connect
Ulaş Özdemirulasozdemir.com.tr·Jun 12, 2024Enterprise-Level Authentication in a Containerized Environment for Next.js 13TL;DR https://github.com/ozdemirrulass/keycloak-nextjs-mysql-docker 💡 This tutorial uses Next-Auth and Next-Auth is becoming AuthJS! If you want to use AuthJS for working with latest versions checkout THIS POST This article aims to provide a step...Discuss·324 readskeycloak
Alexey Poltorakalexeypoltorak.hashnode.dev·Jun 8, 2024OpenID Connect: From Implicit to Authorization Code with PKCE & BFFIntroduction This article will review the principles behind various OpenID Connect (OIDC) authentication flows, from the simplest to the most modern, highlighting the vulnerabilities present in each. We will explore each of the following OpenID Conne...Discuss·52 readsSecurity
Emmanuel GautierforCerberAuthwww.cerberauth.com·Jun 2, 2024OpenID Connect IntroductionOpenID Connect (OIDC) emerges as a robust solution, offering a seamless way to handle user authentication across multiple platforms. If you're familiar with OAuth 2.0, you're already halfway to understanding OpenID Connect. OIDC builds on the OAuth 2...DiscussOpenID Connect
Kristof RiebbelsProdotnet.kriebbels.me·May 5, 2024Signature validation required? Microsoft Says No.No signature validation using AddMicrosoftAccount() TLDR; Microsoft's AddMicrosoftAccount() method does not do signature validation for tokens, which poses potential security risks. This article explores the implications of this, using an analogy of ...Discuss·39 readsDotNetEntra
Yogitha Kkakarlayogitha.hashnode.dev·Apr 24, 2024SAML vs OAuth vs OpenIDSAML SAML simplifies the implementation of federated authentication and authorization, which involves multiple service providers across multiple organizations and security domains using a single identity provider. An example of federated identificati...DiscussSAML
YiliaforApache APISIXapisix.hashnode.dev·Mar 27, 2024Navigating Identity Authentication: From LDAP to Modern ProtocolsWhen constructing the identity authentication mechanism for network applications, engineers face various choices. One approach is to design a custom authentication mechanism, which may be suitable for certain newly developed applications. Another app...Discuss·27 likesauthentication
Mostafa Nasrmostafanasr.hashnode.dev·Feb 28, 2024OpenID and OAUTH2OAuth2 authorizatation that enables applications to obtain limited access to user accounts on HTTP service. it works by delegating user authentication to the service that hosts the user account and authorizing third-party applications to access the u...DiscussOpenID Connect
Mostafa Nasrmostafanasr.hashnode.dev·Feb 28, 2024Jenkins Access AWS With KeyclockIn this blog I will write about how did I used openID to connect jenkins to AWS using keyclock or using OIDCProvider plugin in jenkins. the following diagram will explains how the process happens with keyclock and with jenkins plugin. Jenkins Plugin ...DiscussDevops
Karuppiah Natarajankaruppiah.dev·Feb 1, 2024Trying to Authenticate in a Demo Application using OpenID Connect (OIDC) using KeycloakI was trying out Keycloak as part of evaluating OpenID Connect providers for Vault and any other applications we will host at my company In this post, let's look at how I tried out Keycloak OpenID Connect login in my local along with an example demo ...Discuss·36 readsOpenID Connect