Discover more from Scott Brady's Newsletter
March '22 - Step-up authentication, UK Open Banking, and an ROPC update
A deep dive into some advanced OAuth and OpenID Connect topics.
Top billing goes to my piece on implementing step-up authentication using the building blocks already provided by OAuth and OpenID Connect. It also includes an emerging standard for APIs to trigger step-up authentication using the WWW-Authenticate header.
UK Open Banking
Next up is an article on the OAuth side of the UK’s Open Banking standard. If you understand OAuth and you’re looking to learn the many acronyms of Open Banking, then this is the article for you.
I’ve also updated my old ROPC article, adding up-to-date arguments, softening the tone, and improving the structure. I’ve turned comments back on for this article, but we’ll see how that goes…
Last month I decided to block traffic from Russia & Belarus, asking that the reader instead consider protesting the invasion of Ukraine. Around 50 people per day see this request.