OAuth Authentication and Authorization Flow

OAuth – authentication and authorization for mobile applications

Federation is a model of identity management that distributes the various individual components of an identity operation amongst different actors. The presumption being that the jobs can be ...

Device code phishing attacks surge 37x as new kits spread online

Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more ...

CSOonline

What is OAuth? How the open authorization framework works

Since the beginning of distributed personal computer networks, one of the toughest computer security nuts to crack has been to provide a seamless, single sign-on (SSO) access experience among multiple ...

Threat Post

Microsoft OAuth Flaw Opens Azure Accounts to Takeover

Some Microsoft applications are vulnerable to an authentication issue that could enable Azure account takeover. A vulnerability in the way Microsoft applications use OAuth for third-party ...

Dark Reading

Security Flaw Found In OAuth 2.0 And OpenID; Third-Party Authentication At Risk

A security researcher has uncovered serious security vulnerabilities in the technologies used by many websites to authenticate users via third-party websites. A blog posted late last week revealed the ...

Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Some results have been hidden because they may be inaccessible to you

Show inaccessible results