OAuth 2.0 is a hate crime against security given its complexity.
When I really dove into it, I understood mostly why all the complexity was all there if I cared about data at the identity provider.
When it’s only used for SSO, it’s extreme overkill.