Explains the OAuth Resource Owner Password Credentials (ROPC) grant flow in Azure AD, detailing its purpose and why it should be avoided in modern applications.
Explains the relationship between scopes and claims in IdentityServer for OpenID Connect and OAuth 2.0, covering identity and API scope design.
Explains how to implement OAuth and OpenID Connect authentication protocols in a Blazor client-side application.
Explains the impact of Safari's stricter same-site cookie policy on ASP.NET Core external authentication and proposes a solution.
Explains how to use the new OpenIddict RC3 events model to implement advanced OAuth/OpenID Connect scenarios in your applications.
The author debates whether to include authentication and server-side concepts in a JavaScript course, highlighting the security risks of client-side authentication.
Explains how to implement an opt-in calendar feature for an Azure AD v1 app by creating a separate app to manage delegated permissions.
Explains the OAuth Device Code Flow in Azure AD for authenticating apps without a web browser, including how it works and a C# example.
A tutorial on implementing Azure Active Directory authentication in an ASP.NET Core 1.0 web application.
A comparison of Azure Active Directory and Identity Server for identity management, focusing on features, setup, and developer experience.
A guide on unit testing OWIN OAuth middleware for third-party API integration, using Vimeo as an example.
A tutorial on implementing GitHub OAuth login in a Laravel application using the Socialite package for user authentication.
A guide to using Twitter.jl, a Julia package for interacting with the Twitter API, covering authentication and basic functions.
Explores using Policy objects and Extractors in Rails to handle multi-provider OAuth authentication cleanly, moving beyond CanCan/Pundit for authorization.
A tutorial on creating a Python Twitter bot that automatically favorites tweets based on a keyword to help grow followers organically.
A developer details implementing JWT-based session token authentication for a startup's API using Thinktecture.IdentityModel in ASP.NET Web API.
A developer's critical rant about the complexity and frustrations of implementing OAuth for a Twitter API client, arguing it's overly complicated.
A guide to setting up and testing OAuth providers like Google, Facebook, and Twitter for user login, including local development configuration.
Explains how to use OpenID with Google Apps to secure internal company applications, replacing VPNs for a cleaner authentication workflow.
Announcing a new OAuth 2.0 client implementation for GNU Emacs, now available via GNU ELPA for accessing APIs like Google and Facebook.
