"JWT is a specification for allowing SSO or API usage between services.
In many ways JWT is like SAML"
makes me stop trying to parse/understand the rest of it
Hans.
On 4/11/16 9:04 AM, Antonio Sanso wrote:
Just sharing, do not shoot the messenger :)
http://insanecoding.blogspot.com/2016/04/oauth-why-it-doesnt-work-and-how-to-zero-day-attack.html
and companion website:
http://no-oauth.insanecoding.org/
regards
antonio
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
--
Hans Zandbelt | Sr. Technical Architect
[email protected] | Ping Identity
_______________________________________________
OAuth mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/oauth
