Wladimir Mufty<p>Setting up a sector-wide <a href="https://social.edu.nl/tags/PeerTube" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PeerTube</span></a> pilot instance on behalf of Dutch higher ed & research using <a href="https://social.edu.nl/tags/SSO" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SSO</span></a> via <a href="https://social.edu.nl/tags/SAML" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SAML</span></a>, so no local usernames/passwords…</p><p>Anyone with experience uploading videos using the <a href="https://social.edu.nl/tags/REST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>REST</span></a> <a href="https://social.edu.nl/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>API</span></a> for system integration purposes? No classic <a href="https://social.edu.nl/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> flow here… or is it possible?!</p><p>💚➡️ <a href="https://social.edu.nl/tags/Framasoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Framasoft</span></a> <a href="https://social.edu.nl/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fediverse</span></a> <a href="https://social.edu.nl/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a> <a href="https://social.edu.nl/tags/Education" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Education</span></a> <a href="https://social.edu.nl/tags/Science" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Science</span></a> <a href="https://social.edu.nl/tags/askfedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>askfedi</span></a></p><p>👩🏽🎓 <a href="https://video.edu.nl/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">video.edu.nl/</span><span class="invisible"></span></a></p>
#oauth
2 posts2 participants0 posts today
Ann: Launched Open Collective for Ruby OAuth gems (oauth, oauth2, & others)
I've been the primary maintainer of OAuth tools in Ruby since 2017. In this move toward supporting myself with open source work I need your help!
https://opencollective.com/ruby-oauth #Ruby #OAuth #Authorization #Security #OIDC
opencollective.comThe Ruby OAuth Collective - Open CollectiveDevelop and maintain OAuth 1.0, 2.0, and 2.1 client libraries for Ruby, including oauth, oauth2, oauth-tty
Rename `oauth-xx` org to `ruby-oauth`?
Intent of current name was to be a home for oauth tools across many languages, but it never materialized that way. The vestigial -xx is awkward for many reasons, and I think discoverability would improve with a ruby-* org name, and perhaps it could even bring in other oauth-related tools. I have a few thoughts about this, so 
I'm very interested in others thoughts #Ruby #RubyFriends #OAuth #Authentication
I released version 0.3.0 of #Lokksmith (#OIDC client) which now supports #Android and #iOS via #ComposeMultiplatform!
New 
Release! MCP Servers with Oauth: A full introduction to MCP, from zero to deployment in one weekend by Zach Silveira #books #ebooks #oauth #technology
This book provides the fastest way to get up to speed using the latest Model Context Protocol authentication specification that was finalized in May 2025.
Find it on Leanpub!
Blogged: Experimental alternative flow for OAuth First-Party Applications
https://damienbod.com/2025/06/10/experimental-alternative-flow-for-oauth-first-party-applications/
Software Engineering · Experimental alternative flow for OAuth First-Party ApplicationsThis post looks at an alternative way of implementing a native app authentication and authorization. At present, a web browser is used to implement authentication of native applications when using …
Max Mitchell | I Read All Of Cloudflare's Claude-Generated Commits https://www.maxemitchell.com/writings/i-read-all-of-cloudflares-claude-generated-commits/
Max Mitchell · Max Mitchell's Personal Portfolio Website
#Hollo 0.6.0 is coming soon!
We're putting the finishing touches on our biggest security and feature update yet. Here's what's coming:
- RFC 8414 (OAuth metadata discovery)
- RFC 7636 (#PKCE support)
- Improved authorization flows following RFC 9700 best practices
New features
- Extended character limit (4K → 10K)
- Code syntax highlighting
- Customizable profile themes
- EXIF metadata stripping for privacy
Important notes for update
- Node.js 24+ required
- Updated environment variables for asset storage
- Stronger
SECRET_KEYrequirements (44+ chars)
Special thanks to @thisismissem for the extensive OAuth improvements that help keep the #fediverse secure and compatible! 
Full changelog and upgrade guide coming with the release.
Blogged: Handling OpenID Connect error events in ASP.NET Core
https://damienbod.com/2025/06/02/handling-openid-connect-error-events-in-asp-net-core/
Software Engineering · Handling OpenID Connect error events in ASP.NET CoreASP.NET Core provides great extension points for handling OpenID Connect error events. This blog looks at implementing error handling in an ASP.NET Core application implemented using ASP.NET Core I…
I'm not easily swearing, but how can I put this: sending infra emails from a data center to addresses managed by #Microsoft 365 is crazy. MS dislikes #SMTP AUTH, ok, and so begins the #OAuth journey to get the #postfix mail relay to embrace OAuth
The best idea so far is to write a script that acts as a proxy between postfix and MS, sending emails via the MS #GraphAPI. Undoubtedly much more secure and, just as undoubtedly, absolutely no vendor lock-in for something as simple as SMTP ... WTF!!