mastodon.ie

Alvin Ashcraft 🐿️MCP Gets OAuth: Understanding the New Authorization Specification | MCP Dev Days.<a href="https://www.youtube.com/watch?v=EXxIeOfJsqA" rel="nofollow noopener" translate="no" target="_blank">https://www.youtube.com/watch?v=EXxIeOfJsqA</a> <a href="https://hachyderm.io/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#mcp</a> <a href="https://hachyderm.io/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#ai</a> <a href="https://hachyderm.io/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://hachyderm.io/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://hachyderm.io/tags/modelcontextprotocol" class="mention hashtag" rel="nofollow noopener" target="_blank">#modelcontextprotocol</a> <a href="https://hachyderm.io/tags/aiagents" class="mention hashtag" rel="nofollow noopener" target="_blank">#aiagents</a>

Tore🛠️ 𝐁𝐅𝐅 𝐏𝐚𝐭𝐭𝐞𝐫𝐧 𝐒𝐞𝐫𝐢𝐞𝐬 #4: 𝐁𝐮𝐢𝐥𝐝𝐢𝐧𝐠 𝐘𝐨𝐮𝐫 𝐅𝐢𝐫𝐬𝐭 𝐁𝐅𝐅 𝐟𝐫𝐨𝐦 𝐒𝐜𝐫𝐚𝐭𝐜𝐡 𝐓𝐡𝐞𝐨𝐫𝐲 → 𝐏𝐫𝐚𝐜𝐭𝐢𝐜𝐞. 𝐏𝐚𝐫𝐭 4 𝐢𝐬 𝐥𝐢𝐯𝐞!✅ Complete ASP.NET Core implementation ✅ Real OpenID Connect integration ✅ Secure API proxying ✅ Working demo + GitHub source code ✅ Zero tokens in the browserFrom basic cookies to production-ready in one tutorial.🔗 <a href="https://nestenius.se/net/bff-in-asp-net-core-4-implementing-a-bff-from-scratch/" rel="nofollow noopener" translate="no" target="_blank">https://nestenius.se/net/bff-in-asp-net-core-4-implementing-a-bff-from-scratch/</a>Ready to build secure SPAs the right way? 🚀<a href="https://dotnet.social/tags/aspnetcore" class="mention hashtag" rel="nofollow noopener" target="_blank">#aspnetcore</a> <a href="https://dotnet.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://dotnet.social/tags/bff" class="mention hashtag" rel="nofollow noopener" target="_blank">#bff</a> <a href="https://dotnet.social/tags/dotnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#dotnet</a> <a href="https://dotnet.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://dotnet.social/tags/mvpbuzz" class="mention hashtag" rel="nofollow noopener" target="_blank">#mvpbuzz</a>

Olivier MehaniOAuth in VanillaJS: Mind your encodings<a href="https://blog.narf.ssji.net/2025/07/30/oauth-in-vanillajs-mind-your-encodings/" rel="nofollow noopener" translate="no" target="_blank">https://blog.narf.ssji.net/2025/07/30/oauth-in-vanillajs-mind-your-encodings/</a>I wrote an implementation of the OAuth Authorisation Grant flow in VanillaJS. It worked pretty well except for some mismatch in String encodings. tl;dr: use `String.fromCharCode` over `TextDecoder` if you want to use `atob`. Or wait for `Uint8Array.toBase64`.<a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://blog.narf.ssji.net/tag/javascript/" target="_blank">#Javascript</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://blog.narf.ssji.net/tag/oauth/" target="_blank">#OAuth</a>

Third spruce tree on the leftWhen you get the option to `Sign in with Google/Microsoft/Facebook` you're really using <a href="https://mas.to/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a>. Aside from those platforms knowing what you're doing everywhere all the time, there are compelling reasons for both 3rd party services and users. (not many, but a few). But if you DO link your <a href="https://mas.to/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft</a> / <a href="https://mas.to/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#Google</a> / <a href="https://mas.to/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#Facebook</a> account to some other service, there's never anyway to UNLINK it, and that's just lazy cowardly product management, $0.02. Oh and its deliberate.<a href="https://awadwatt.com/tezoatlipoca/poor-software-product-management-chronicles-e-auth-i-auth-oauth-fuck-off" rel="nofollow noopener" translate="no" target="_blank">https://awadwatt.com/tezoatlipoca/poor-software-product-management-chronicles-e-auth-i-auth-oauth-fuck-off</a>

Wladimir MuftySetting up a sector-wide <a href="https://social.edu.nl/tags/PeerTube" class="mention hashtag" rel="nofollow noopener" target="_blank">#PeerTube</a> pilot instance on behalf of Dutch higher ed & research using <a href="https://social.edu.nl/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#SSO</a> via <a href="https://social.edu.nl/tags/SAML" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAML</a>, so no local usernames/passwords…Anyone with experience uploading videos using the <a href="https://social.edu.nl/tags/REST" class="mention hashtag" rel="nofollow noopener" target="_blank">#REST</a> <a href="https://social.edu.nl/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#API</a> for system integration purposes? No classic <a href="https://social.edu.nl/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a> flow here… or is it possible?!💚➡️ <a href="https://social.edu.nl/tags/Framasoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Framasoft</a> <a href="https://social.edu.nl/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fediverse</a> <a href="https://social.edu.nl/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://social.edu.nl/tags/Education" class="mention hashtag" rel="nofollow noopener" target="_blank">#Education</a> <a href="https://social.edu.nl/tags/Science" class="mention hashtag" rel="nofollow noopener" target="_blank">#Science</a> <a href="https://social.edu.nl/tags/askfedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#askfedi</a>👩🏽‍🎓 <a href="https://video.edu.nl/" rel="nofollow noopener" translate="no" target="_blank">https://video.edu.nl/</a>

Joy Aliza DenebeimI'm trying to configure mastodon for doing SSO with an authentik id. I'm getting "unknown encryption algorithm" Has anyone else seen this or can you shed some light on what I'm trying to do?<a href="https://mastodon.social/tags/mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#mastodon</a> <a href="https://mastodon.social/tags/Oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#Oidc</a> <a href="https://mastodon.social/tags/sso" class="mention hashtag" rel="nofollow noopener" target="_blank">#sso</a> <a href="https://mastodon.social/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a> <a href="https://mastodon.social/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#authentik</a> <a href="https://mastodon.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a>

Nik | Klampfradler 🎸🚲I lied when I said <a href="https://toot.teckids.org/tags/PAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#PAM</a> authentication will come next week. Here's <a href="https://toot.teckids.org/tags/WebIDAMd" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebIDAMd</a> demonstrating password authentication against <a href="https://toot.teckids.org/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a>, with a PAM module speaking via <a href="https://toot.teckids.org/tags/Varlink" class="mention hashtag" rel="nofollow noopener" target="_blank">#Varlink</a> to the daemon:<a href="https://asciinema.org/a/728726" rel="nofollow noopener" translate="no" target="_blank">https://asciinema.org/a/728726</a><a href="https://social.tchncs.de/@signaleleven" class="u-url mention" rel="nofollow noopener" target="_blank">@signaleleven</a> <a href="https://mastodon.social/@pid_eins" class="u-url mention" rel="nofollow noopener" target="_blank">@pid_eins</a> <a href="https://queer.group/@jasmin" class="u-url mention" rel="nofollow noopener" target="_blank">@jasmin</a> <a href="https://toot.teckids.org/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#systemd</a> <a href="https://toot.teckids.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a>

Nik | Klampfradler 🎸🚲I got back to <a href="https://toot.teckids.org/tags/WebIDAMd" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebIDAMd</a>, a <a href="https://toot.teckids.org/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#systemd</a>-userdbd-based system for using <a href="https://toot.teckids.org/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a> / <a href="https://toot.teckids.org/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#OIDC</a> / <a href="https://toot.teckids.org/tags/REST" class="mention hashtag" rel="nofollow noopener" target="_blank">#REST</a> identity providers for <a href="https://toot.teckids.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> system authentication.And I can now show off a first demo (no <a href="https://toot.teckids.org/tags/PAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#PAM</a> authentication yet, but user and group listing):<a href="https://asciinema.org/a/728567" rel="nofollow noopener" translate="no" target="_blank">https://asciinema.org/a/728567</a>In contrast to <a href="https://toot.teckids.org/tags/sssd" class="mention hashtag" rel="nofollow noopener" target="_blank">#sssd</a>'s recent OIDC module, WebIDAMd is fully provider-agnostic and integrates transparently with userdbd, the current/upcoming standard in most Linux distributions instead of requiring a full separate software stack.

Alvin Ashcraft 🐿️OAuth 2.0 Access Tokens and the Principle of Least Privilege | by Andrea Chiarelli.<a href="https://auth0.com/blog/oauth2-access-tokens-and-principle-of-least-privilege/" rel="nofollow noopener" translate="no" target="_blank">https://auth0.com/blog/oauth2-access-tokens-and-principle-of-least-privilege/</a> <a href="https://hachyderm.io/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#authorization</a> <a href="https://hachyderm.io/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://hachyderm.io/tags/auth0" class="mention hashtag" rel="nofollow noopener" target="_blank">#auth0</a>

LeanpubNew 📚 Release! MCP Servers with Oauth: A full introduction to MCP, from zero to deployment in one weekend by Zach Silveira <a href="https://mastodon.social/tags/books" class="mention hashtag" rel="nofollow noopener" target="_blank">#books</a> <a href="https://mastodon.social/tags/ebooks" class="mention hashtag" rel="nofollow noopener" target="_blank">#ebooks</a> <a href="https://mastodon.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://mastodon.social/tags/technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#technology</a>This book provides the fastest way to get up to speed using the latest Model Context Protocol authentication specification that was finalized in May 2025.Find it on Leanpub!Link: <a href="https://leanpub.com/creatingmcpserverswithoauth" rel="nofollow noopener" translate="no" target="_blank">https://leanpub.com/creatingmcpserverswithoauth</a>

OpenStreetMap Ops TeamIf you manage a web application that uses OpenStreetMap.org authentication or independently use the OpenStreetMap-website code, please see our recent security notice: <a href="https://operations.osmfoundation.org/2025/07/11/security-notice.html" rel="nofollow noopener" translate="no" target="_blank">https://operations.osmfoundation.org/2025/07/11/security-notice.html</a> <a href="https://en.osm.town/tags/OpenStreetMap" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenStreetMap</a> <a href="https://en.osm.town/tags/OSM" class="mention hashtag" rel="nofollow noopener" target="_blank">#OSM</a> <a href="https://en.osm.town/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://en.osm.town/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a>

Alvin Ashcraft 🐿️OAuth in the MCP C# SDK: Simple, Secure, Standard | by Den Delimarsky.<a href="https://den.dev/blog/mcp-csharp-sdk-authorization/" rel="nofollow noopener" translate="no" target="_blank">https://den.dev/blog/mcp-csharp-sdk-authorization/</a><a href="https://hachyderm.io/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#ai</a> <a href="https://hachyderm.io/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://hachyderm.io/tags/csharp" class="mention hashtag" rel="nofollow noopener" target="_blank">#csharp</a> <a href="https://hachyderm.io/tags/dotnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#dotnet</a> <a href="https://hachyderm.io/tags/auth" class="mention hashtag" rel="nofollow noopener" target="_blank">#auth</a> <a href="https://hachyderm.io/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#mcp</a> <a href="https://hachyderm.io/tags/modelcontextprotocol" class="mention hashtag" rel="nofollow noopener" target="_blank">#modelcontextprotocol</a>

Alvin AshcraftOAuth in the MCP C# SDK: Simple, Secure, Standard | by Den Delimarsky. <a href="https://buff.ly/bHKQk6j" rel="nofollow noopener" target="_blank">buff.ly/bHKQk6j</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23ai" target="_blank">#ai</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23oauth" target="_blank">#oauth</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23csharp" target="_blank">#csharp</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23dotnet" target="_blank">#dotnet</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23auth" target="_blank">#auth</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23mcp" target="_blank">#mcp</a> <a class="hashtag" rel="nofollow noopener" href="https://bsky.app/search?q=%23modelcontextprotocol" target="_blank">#modelcontextprotocol</a> <a href="https://buff.ly/bHKQk6j" rel="nofollow noopener" target="_blank">OAuth In The MCP C# SDK: Simpl...</a>

|7eter l-|. l3oling 🧰Ann: Launched Open Collective for Ruby OAuth gems (oauth, oauth2, & others)I've been the primary maintainer of OAuth tools in Ruby since 2017. In this move toward supporting myself with open source work I need your help! <a href="https://opencollective.com/ruby-oauth" rel="nofollow noopener" translate="no" target="_blank">https://opencollective.com/ruby-oauth</a> <a href="https://ruby.social/tags/Ruby" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ruby</a> <a href="https://ruby.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a> <a href="https://ruby.social/tags/Authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authorization</a> <a href="https://ruby.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://ruby.social/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#OIDC</a>

|7eter l-|. l3oling 🧰Rename `oauth-xx` org to `ruby-oauth`?Intent of current name was to be a home for oauth tools across many languages, but it never materialized that way. The vestigial -xx is awkward for many reasons, and I think discoverability would improve with a ruby-* org name, and perhaps it could even bring in other oauth-related tools. I have a few thoughts about this, so 🧵 I'm very interested in others thoughts <a href="https://ruby.social/tags/Ruby" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ruby</a> <a href="https://ruby.social/tags/RubyFriends" class="mention hashtag" rel="nofollow noopener" target="_blank">#RubyFriends</a> <a href="https://ruby.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a> <a href="https://ruby.social/tags/Authentication" class="mention hashtag" rel="nofollow noopener" target="_blank">#Authentication</a>

Sven Jacobs :androidHead:I released version 0.3.0 of <a href="https://androiddev.social/tags/Lokksmith" class="mention hashtag" rel="nofollow noopener" target="_blank">#Lokksmith</a> (<a href="https://androiddev.social/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#OIDC</a> client) which now supports <a href="https://androiddev.social/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> and <a href="https://androiddev.social/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#iOS</a> via <a href="https://androiddev.social/tags/ComposeMultiplatform" class="mention hashtag" rel="nofollow noopener" target="_blank">#ComposeMultiplatform</a>!<a href="https://github.com/svenjacobs/lokksmith/releases/tag/v0.3.0" rel="nofollow noopener" translate="no" target="_blank">https://github.com/svenjacobs/lokksmith/releases/tag/v0.3.0</a><a href="https://androiddev.social/tags/Kotlin" class="mention hashtag" rel="nofollow noopener" target="_blank">#Kotlin</a> <a href="https://androiddev.social/tags/KotlinMultiplatform" class="mention hashtag" rel="nofollow noopener" target="_blank">#KotlinMultiplatform</a> <a href="https://androiddev.social/tags/KMP" class="mention hashtag" rel="nofollow noopener" target="_blank">#KMP</a> <a href="https://androiddev.social/tags/Compose" class="mention hashtag" rel="nofollow noopener" target="_blank">#Compose</a> <a href="https://androiddev.social/tags/JetpackCompose" class="mention hashtag" rel="nofollow noopener" target="_blank">#JetpackCompose</a> <a href="https://androiddev.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a> <a href="https://androiddev.social/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenIDConnect</a>

damienbodBlogged: Experimental alternative flow for OAuth First-Party Applications<a href="https://damienbod.com/2025/06/10/experimental-alternative-flow-for-oauth-first-party-applications/" rel="nofollow noopener" translate="no" target="_blank">https://damienbod.com/2025/06/10/experimental-alternative-flow-for-oauth-first-party-applications/</a><a href="https://mastodon.social/tags/oauth" class="mention hashtag" rel="nofollow noopener" target="_blank">#oauth</a> <a href="https://mastodon.social/tags/native" class="mention hashtag" rel="nofollow noopener" target="_blank">#native</a> <a href="https://mastodon.social/tags/dpop" class="mention hashtag" rel="nofollow noopener" target="_blank">#dpop</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.social/tags/duende" class="mention hashtag" rel="nofollow noopener" target="_blank">#duende</a> <a href="https://mastodon.social/tags/identity" class="mention hashtag" rel="nofollow noopener" target="_blank">#identity</a>

Matthew TurlandMax Mitchell | I Read All Of Cloudflare's Claude-Generated Commits <a href="https://www.maxemitchell.com/writings/i-read-all-of-cloudflares-claude-generated-commits/" rel="nofollow noopener" translate="no" target="_blank">https://www.maxemitchell.com/writings/i-read-all-of-cloudflares-claude-generated-commits/</a><a href="https://phpc.social/tags/Claude" class="mention hashtag" rel="nofollow noopener" target="_blank">#Claude</a> <a href="https://phpc.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AI</a> <a href="https://phpc.social/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#LLM</a> <a href="https://phpc.social/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#OAuth</a> <a href="https://phpc.social/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cloudflare</a>

Recent searches

Search options

Administered by:

Server stats:

#oauth