Hacker News with Generative AI: OpenID Connect

Rauthy: OpenID Connect Single Sign-On Identity and Access Management (github.com/sebadob)
Rauthy is a lightweight and easy to use OpenID Connect Identity Provider.
Open Source, Identity Management, OpenID Connect, Security
13 points by todsacerdoti 20 days ago | 2 comments
Configure Azure Entra ID as IdP on Keycloak (ght1pc9kc.fr)
For a new project, I needed to use Keycloak as an Authentication Provider in a Spring Boot WebFlux application. Since the company I work for has a Microsoft Entra ID (formerly Azure Active Directory), the ideal solution was to connect Entra ID as an Identity Provider in Keycloak using OpenID Connect.
Authentication, OpenID Connect, Keycloak, Spring Boot
19 points by marthym 40 days ago | 7 comments
Mixing Up Public and Private Keys in OpenID Connect Deployments (hboeck.de)
I am developing a tool to check cryptographic public keys for known vulnerabilities called badkeys. During the Q&A session of a presentation about badkeys at the German OWASP Day, I was asked whether I had ever used badkeys to check cryptographic keys in OpenID Connect setups. I had not until then.
Security, OpenID Connect, Cryptography, Web Development
6 points by todsacerdoti 60 days ago | 0 comments
OpenID Connect specifications published as ISO standards (self-issued.info)
I’m thrilled to report that the OpenID Connect specifications have now been published as ISO/IEC standards.
OpenID Connect, Standards, Security, Authentication
306 points by mooreds 167 days ago | 138 comments
Pushed Authorization Requests (Par) in Asp.net Core 9 (nestenius.se)
ASP.NET Core 9 introduces support for Pushed Authorization Requests (PAR) in its OpenIdConnect authentication handler. But what exactly is PAR, and why does it matter? In this post, I’ll explain what PAR is, how it works, how to use it with Duende IdentityServer, and when you should consider using it in your applications.
ASP.NET Core, Security, Authentication, OpenID Connect
25 points by tndata 171 days ago | 3 comments