{"id":30413,"date":"2023-06-11T00:01:34","date_gmt":"2023-06-10T22:01:34","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=30413"},"modified":"2023-06-07T16:32:32","modified_gmt":"2023-06-07T14:32:32","slug":"oauth2-security-best-current-practices","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2023\/06\/11\/oauth2-security-best-current-practices\/","title":{"rendered":"OAuth2 Security Best Current Practices"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>The IETF has updated a document \"OAuth2 Security Best Current Practices\" as of June 6, 2023. The document describes current security best practices for OAuth 2.0, updating and extending the OAuth 2.0 security threat model. It incorporates practical experience gained since the release of OAuth 2.0 and covers new threats that are relevant due to the broader adoption of OAuth 2.0.<\/p>\n<p><!--more--><\/p>\n<p>I came across this document, which can be <a href=\"https:\/\/datatracker.ietf.org\/doc\/html\/draft-ietf-oauth-security-topics\" target=\"_blank\" rel=\"noopener\">accessed here<\/a>, via the following <a href=\"https:\/\/twitter.com\/manicode\/status\/1666073895009415168\" target=\"_blank\" rel=\"noopener\">tweet<\/a>. In terms of readability, it's tough stuff (plain text with links). But maybe it is of interest for some of the readers.<\/p>\n<p><a href=\"https:\/\/twitter.com\/manicode\/status\/1666073895009415168\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" title=\"OAuth2 Security Best Current Practices\" src=\"https:\/\/i.imgur.com\/nAgNZsC.png\" alt=\"OAuth2 Security Best Current Practices\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The IETF has updated a document \"OAuth2 Security Best Current Practices\" as of June 6, 2023. The document describes current security best practices for OAuth 2.0, updating and extending the OAuth 2.0 security threat model. It incorporates practical experience gained &hellip; <a href=\"https:\/\/borncity.com\/win\/2023\/06\/11\/oauth2-security-best-current-practices\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1319],"tags":[],"class_list":["post-30413","post","type-post","status-publish","format-standard","hentry","category-general"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/30413","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=30413"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/30413\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=30413"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=30413"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=30413"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}