The #APIPlatformCon starts in 12 days! @vincentchalamon will take you on a journey to explore #OpenID Connect and its usage with API Platform.

Get your ticket: https://api-platform.com/fr/con/2023

🎉 DEFGUARD massive 0.7.0 🎉

1. Forward auth for reverse #proxy
2. Remote user enrollment
3. User onboarding after enrollment
4. Email/#SMTP support
5. Send debug/support information
6. Native #FreeBSD #Wireguard #Kernel support
7. #OPNSense Plugin
8. UI #React Components Library

Full release notes:

https://github.com/DefGuard/defguard/releases/tag/v0.7.0

#security #vpn #OpenSource #openid #privacy #selfHosted #SelfHosting

We are working on adding support for authentication with #S3 backends using temporary credentials from #STS obtained from an ID token from an #OpenID connect provider. Let us know if you know about a common deployment scenario (on #AWS or other provider). We are looking to test the interoperability of our implementation and provide sample connection profiles in https://github.com/iterate-ch/profiles/issues/55

I just wrote a small article on my #techblog about how to integrate #opensource #keycloak as #openid provider on a simple #dotnet #aspnet #angular application.

Feedbacks welcome (especially if you have an idea about the SPA proxy routing thing)

https://blog.keda.re/blog/keycloak-aspnet-identity.html

Das wäre dann tatsächlich der Security Super-GAU.
#security #microsoft #azure #openid #cloud

https://www.heise.de/news/Neue-Erkenntnisse-Microsofts-Cloud-Luecken-viel-groesser-als-angenommen-9224640.html

https://www.wiz.io/blog/storm-0558-compromised-microsoft-key-enables-authentication-of-countless-micr Compromised Microsoft Key: More Impactful Than We Thought || #cloud #microsoft #azure #exchange #onedrive #office365 #openid

👋 In this post, you will learn 𝐡𝐨𝐰 𝐭𝐨 𝐚𝐝𝐝 𝐚𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐭𝐨 𝐲𝐨𝐮𝐫 𝐉𝐚𝐯𝐚 𝐒𝐩𝐫𝐢𝐧𝐠 𝐁𝐨𝐨𝐭 using OAuth2 with Authgear as the Identity Provider (IdP).

https://www.authgear.com/post/authentication-for-spring-boot-app-with-authgear-and-oauth2

#authentication #java #springboot #oauth2 #openid #OIDC

Pytanie do profesjonalistów. Potrzebuję w jakiś sposób logować się za pomocą kont do kilku hostowanych przeze mnie usług (m.in. #WordPress i #Nextcloud). Próbowałem to zrobić przez Keycloak i apkę Social Login w Nextcloud, ale nie ogarniam.
Czy ktoś mi jest w stanie polecić jakieś rozwiązanie, najlepiej self-hosted?

#server #serwer #OAuth #OpenIDConnect #OpenID #logowanie

I think it might be better to leave it out, just to avoid the confusion about how the accounts are linked. Instead, and to solve point 3, we could start by reintroducing #OpenID (or some form of it, like #IndieAuth ). Let Pixelfed be a provider, consumer, or both, and get more willing projects like #Calckey to support it too. That could even lend to eventually support domain-based usernames a la Bluesky, especially if Mastodon gets on board with it.

defguard - #opensource #security swiss army knife has been released! Read the announcement: https://teonite.com/blog/defguard/

#vpn #YubiKey #WireGuard #openid

"1 Identität to rule them all" #identity #identität #openid #cacert 👍🏻 Tolle Inspirationen und ein super Vortrag ❤️

어제부로 미스키의 OAuth2 지원 개발에 높은 중요도 레이블이 붙었다.
https://github.com/misskey-dev/misskey/issues/8262
#OpenID #Misskey

Once upon a time, #OpenID existed, and websites used it, and it was nice.

@jpanzer I’m sensitive to asymmetric implementations, because that’s the thing that killed #openid as a user centric protocol imho :-)

The #OpenID Foundation has now been around for twice as long as the #Liberty Alliance. Let that sink in.

(Disclaimer: I had a hand in this, although it was some time ago.)

Anyone worked with #OpenID and #Keycloak? I have next to zero knowledge of how it works, but I'm hoping someone can help me out a little:

My keycloak server (provided from Mythic Table's repos) doesn't seem to have an open ID config located at the .well-known resource location.

Is this a common problem that pops up if you miss a step, or do I need to better understand this before I give it a try again?

We have 2023.

Why is it, that authentication and authorization is still a pain in the ass after all these years. And I think it’s getting worse.

#Oauth. Token here. #SAML there. #OpenID. OBO. Client Credentials. Auth Code. Device Code. Cert. #PKCE. Claims. Roles. ISS.

GTFO.

#security #secops #developing #dev #coding #auth #architecture #software #Cloud

As I work with #OAuth2/#OIDC almost every day, this is pretty accurate. I will say that oauth2-proxy and/or #Keycloak can simplify a lot of this.
https://www.nango.dev/blog/why-is-oauth-still-hard
#OpenID

I'm increasingly getting the feeling that one of these days I need to reactivate LID -- Light-Weight Digital Identity -- my entry into #identity and #iiw created more or less by accident in 2004. Then folded into the larger #OpenID movement. Some of its more interesting features were adopted by other identity protocols over time, but some others are still unique and would be very useful now that the decentralized, user-owned, social web is waking back up.

Somehow I've become the #SAML / #OpenID #OIDC / #SCIM Go-To guy at work.