Questions tagged [oauth2]

6 votes
2 answers
1k views

Since I started studying security in web applications, it seems that everyone always says to never store sensitive information (e.g., refresh tokens, access tokens, and so on) due to the risk of ...
ikiwq • 165

3 votes
1 answer
128 views

I am developing a home-grade web application (server-client, based on Nuxt and nuxt-auth-utils). I am using the opportunity to learn something about oAuth (and OpenID). One of the issues I face is ...
WoJ • 1,661

4 votes
1 answer
180 views

I plan to have a frontend web app written with Next.js using the AuthJS library to provide user authentication using Oauth. This frontend application depends on a backend API. I want to make sure my ...
Romuloux • 149

0 votes
0 answers
103 views

I was looking for some advice as I am dipping my toes into the world of web development. The question might be broader than the title suggests, so any tip that may be in a different direction is also ...
Gonçalo

0 votes
0 answers
95 views

This question has been asked over and over again, but I have not yet found a satisfying answer: How to use Social Logins (via OAuth2) to obtain access tokens for your backend if your only clients are ...
rsmidt • 9

1 vote
1 answer
160 views

I have a web app which authenticates the user using an external identity provider (Microsoft Entra with MSAL library). This gives us an access token to access our API. After authentication (so, we ...
zameb • 121

10 votes
8 answers
7k views

In software design and security, why would it not be a good idea for users to send you their passwords and it would be a better idea to delegate: use public-key auth or logging in with one of these: ...
Daniel • 527

-2 votes
1 answer
657 views

I have an angular SPA that runs in an office add-in (word) that I need to authenticate against Azure AD using Oauth2, consume resources from multiple apis and make graph calls. I have been successful ...
Josh Engel

1 vote
0 answers
213 views

Currently my company has 2 applications that use Identity Server for SSO. Not every client we have uses both applications but some do. The part I'm uneasy about is that both apps have a user ...
Brad Firesheets

0 votes
1 answer
382 views

I'm currently using Azure AD as my identity provider and Keycloak as my intermediary/broker for my client applications. However, I need some user attributes (such as phone, email, picture, and ...
linus • 121

0 votes
0 answers
283 views

I'm thinking about a rewrite of an existing application. This legacy application does not separate frontend and backend. It's a single application with server side rendering. I want to rewrite it to a ...
samjaf • 121

0 votes
1 answer
166 views

I have an angular based SPA, and backend resource server is written in springboot. I have integrated keycloak to provide OIDC support. Currently the app talks to auth server for login, (supplies ...
TruckDriver

0 votes
2 answers
174 views

I have a scenario I am considering, and I don't quite find out what's the best solution with OAuth. Hopefully I can learn good things here. We are company A and we specialize in managing secure text ...
diegosasw • 407

3 votes
2 answers
3k views

We are looking at implementing Multi-factor authentication for our application, using Time-based one-time password (TOTP) algorithm. What we want to achieve: Users should have the option to enable ...
user1583803

0 votes
0 answers
85 views

I could use some feedback on designing a solution for handling two OAuth flows in a single request. I have an API that currently supports OAuth2.0 (for users). It was requested that we should be able ...
Martin Nielsen
