OAuth Explained
(github.com/LukasNiessen)
Let’s say LinkedIn wants to let users import their Google contacts.
Let’s say LinkedIn wants to let users import their Google contacts.
OAuth's Role in MCP Security
(defensiblesystems.substack.com)
The NSA likes to say, we don’t break standards, we break implementations. In that spirit let’s look at how OAuth may perform, as implemented in current practice, for MCP.
The NSA likes to say, we don’t break standards, we break implementations. In that spirit let’s look at how OAuth may perform, as implemented in current practice, for MCP.
The challenge of AI agent permissions–and how OAuth scopes help
(stytch.com)
How do you ensure an AI agent doesn’t overstep its bounds? What happens if it tries to modify something it shouldn’t or accesses sensitive data unintentionally?
How do you ensure an AI agent doesn’t overstep its bounds? What happens if it tries to modify something it shouldn’t or accesses sensitive data unintentionally?
Show HN: An open source OAuth/auth system
(github.com/ValueMelody)
Melody Auth is a user-friendly, robust solution for implementing and hosting your own OAuth and authentication system.
Melody Auth is a user-friendly, robust solution for implementing and hosting your own OAuth and authentication system.
Dear OAuth Providers
(pilcrowonpaper.com)
A short letter to some of the OAuth providers I’ve worked with.
A short letter to some of the OAuth providers I’ve worked with.
Blue Sky OAuth Client Implementation Docs
(bsky.app)
This is a guide to implementing atproto OAuth clients "The Hard Way." Optimistically, most developers will have an SDK available for their programming language which supports OAuth, and they can simply refer to SDK documentation. This guide is intended for early adopters, SDK maintainers, or developers with more sophisticated OAuth needs. It is agnostic to whether developers are building clients to work the the app.bsky microblogging Lexicons, or implementing novel application Lexicons.
This is a guide to implementing atproto OAuth clients "The Hard Way." Optimistically, most developers will have an SDK available for their programming language which supports OAuth, and they can simply refer to SDK documentation. This guide is intended for early adopters, SDK maintainers, or developers with more sophisticated OAuth needs. It is agnostic to whether developers are building clients to work the the app.bsky microblogging Lexicons, or implementing novel application Lexicons.