Overview
Explore the latest advancements in OAuth security with this conference talk from NDC Security 2024. Delve into Pushed Authorize Requests (PAR), a new specification designed to enhance the security of OAuth flows. Learn how PAR addresses common attack vectors by introducing client authentication to initial requests and removing sensitive parameters from URLs. Discover the inner workings of PAR, understand why it's poised to become the new standard, and explore additional scenarios it enables. Gain valuable insights into securing the OAuth and OpenID Connect front-channel, essential knowledge for developers and security professionals working with authentication and authorization protocols.
Syllabus
PAR: Securing the OAuth and OpenID Connect Front-Channel - Dominick Baier - NDC Security 2024
Taught by
NDC Conferences