OAuth 2
Published in

OAuth 2

Torsten Lodderstedt

Apr 20, 2019

10 min read

Transaction Authorization or why we need to re-think OAuth scopes

Have you ever come across limitations of the way OAuth expresses the requested scope of an access token? Well, I have several times in the course of the last couple of years in the areas of open banking and remote electronic signature creation.

Let’s take the example of a payment authorization: If you want to authorize a payment using OAuth, you need…

--

--

--

More from OAuth 2

Learnings, Patterns and Ideas around use of OAuth 2.0

Read more from OAuth 2

Recommended from Medium

Bits And Bytes Of Avikodak

Everyone wants a log in distributed systems !!

Alex Shpurov

in

The Startup

Hands-On Disseminate Proof of Ownership Without Disclosing the Underlying Private Data

Christopher Harrison

Unit Testing in Data

Chris Rosser

Windows 10 SSD woes

Santanu Das

in

Root Node

Coding Question #3: Level Order Traversal

Jackie Moraa

The Container Widget | 3 Things I’ve Learnt

Danny Bryant

in

Snowflake

Let DBeaver Build Your ERD from a Snowflake Data Warehouse — dbaonTap

Emre Kaydu

Introduction to Dependency Injection

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Torsten Lodderstedt

Torsten Lodderstedt

Torsten is CTO@yes.com, software architect with strong security interest, identity nerd, contributor to OAuth, OpenID, Open Banking & Electronic Signatures

More from Medium

Ramindu De Silva

Configuring Auth0 with WSO2 API Manager for SSO

BOOM

How to scale data fetching with SWR

TeamCode

KubeOrbit becomes part of CNCF Landscape

Preetham Umarani

ELK Sort and an issue with paginated query

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable