Published in OAuth 2

Transaction Authorization or why we need to re-think OAuth scopes

Have you ever come across limitations of the way OAuth expresses the requested scope of an access token? Well, I have several times in the course of the last couple of years in the areas of open banking and remote electronic signature creation.

Let’s take the example of a payment authorization: If you want to authorize a payment using OAuth, you need…




Learnings, Patterns and Ideas around use of OAuth 2.0

Torsten Lodderstedt


Torsten is CTO@yes.com, software architect with strong security interest, identity nerd, contributor to OAuth, OpenID, Open Banking & Electronic Signatures
