OAuth Multiple Lifetime Token
Yusuke Kondo
1.
OAuth Multiple lifetime token by Yahoo! Japan
2.
Copyright © 2010 Yahoo Japan Corporation. All Rights Reserved. Unauthorized quotation or reproduction prohibited.
Summary
– Proposal toward OAuth v2 spec
– multiple lifetime tokens (access_token & refresh_token)
– no change in process of OAuth, only change in token, lifetime and scope parameter.
– Introduction of Yahoo! JAPAN OAuth API and security policy
3.
Yahoo! JAPAN OAuth APIs
– Payment API "Credit Card Payment"
– Point API "Award and use Y!Points"
– Contacts API "Read Contact List of Y!Mail"
– Social API "Read & Update Y!Profiles"
– Attribute API "Read User Attributes"
– Auction API "Bidding or Selling at Y!Auction"
4.
Security Level of APIs
– Payment API, Y! Point API: Security Level high, Token Lifetime short
– Attribute API, Contacts API: Security Level middle, Token Lifetime medium
– Social APIs (User Status & Updates): Security Level low, Token Lifetime long
5.
Current issue
– Moba-ge-town (http://yahoo-mbga.jp/)
  – Social API (security level: low)
    – Update Yahoo! Profile
  – Contacts API (security level: middle)
    – Find Friends, Send Invitation to Friends
  – Payment API (security level: high)
    – Purchase Avatar Item, Virtual coin
expires in 2w
6.
Web Server Profile
[Sequence diagram. Participants: User-Agent (Web browser), Client (Web App), AuthZ Server (Service Provider). Labels: Access Grant; Ask for Permission; Authorization Request w/ multiple scopes; Authorization code & multiple scopes (shown twice); Access (and refresh) Tokens with different lifetime w/ multiple scopes.]
7.
User-agent Profile
– Still needs consideration about the URL length
[Sequence diagram. Participants: User-Agent (Web browser), AuthZ Server (Service provider). Labels: Access Grant; Ask for Permission; Authorization Request w/ multiple scopes; multiple Access (or refresh) Token with different lifetime w/ multiple scopes.]
8.
Idea of multiple lifetime access token
– Manage each access token lifetime by "expires_in"
    {
      "scope": "payment social",
      "access_token": "SlAV32hkKG V2v5ehmLY",
      "expires_in": "3600 1206900"
    }
Callouts on the slide: expires in 1h.; expires in 2w
9.
Idea of multiple lifetime refresh_token
– set access token lifetimes short and set refresh_token lifetimes longer
    {
      "scope": "payment social",
      "access_token": "SlAV32hkKG V2v5ehmLY",
      "expires_in": "3600 3600",
      "refresh_token": "8xLOxBtZp8 7euhZh4E"
    }
Callouts on the slide: expires in 1h.; expires in 2w
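A client-side reading of the response format sketched on slides 8 and 9, as an added example that is not part of the original deck or Yahoo! JAPAN's code: it splits the space-delimited fields into one entry per scope and refuses to hand out a token past its own lifetime. The function names and the rule that the n-th scope pairs with the n-th token and lifetime are assumptions; the slides show only the field values.

```python
import time
from dataclasses import dataclass
from typing import Dict, Optional

@dataclass(frozen=True)
class ScopedToken:
    access_token: str
    expires_at: float                 # absolute expiry, seconds since epoch
    refresh_token: Optional[str]      # None when the response carries none

def parse_multi_lifetime(resp: dict, now: Optional[float] = None) -> Dict[str, ScopedToken]:
    """Split the space-delimited fields into one ScopedToken per scope."""
    now = time.time() if now is None else now
    scopes = resp["scope"].split()
    tokens = resp["access_token"].split()
    lifetimes = resp["expires_in"].split()
    refresh = resp["refresh_token"].split() if "refresh_token" in resp else [None] * len(scopes)
    # The lists are paired by position (assumption), so a length mismatch would
    # silently bind a token or lifetime to the wrong scope: reject, don't guess.
    if not scopes or not (len(scopes) == len(tokens) == len(lifetimes) == len(refresh)):
        raise ValueError("scope, token and lifetime counts differ")
    if len(set(scopes)) != len(scopes):
        raise ValueError("duplicate scope")
    store = {}
    for scope, tok, life, rtok in zip(scopes, tokens, lifetimes, refresh):
        if not (life.isascii() and life.isdigit()):
            raise ValueError(f"bad expires_in entry for {scope!r}")
        store[scope] = ScopedToken(tok, now + int(life), rtok)
    return store

def token_for(store: Dict[str, ScopedToken], scope: str, now: Optional[float] = None) -> Optional[str]:
    """Return the access token for scope, or None if unknown or expired."""
    now = time.time() if now is None else now
    entry = store.get(scope)
    if entry is None or now >= entry.expires_at:
        return None
    return entry.access_token

# Field values copied from slides 8 and 9 of this deck.
SLIDE_8 = {"scope": "payment social", "access_token": "SlAV32hkKG V2v5ehmLY",
           "expires_in": "3600 1206900"}
SLIDE_9 = dict(SLIDE_8, expires_in="3600 3600", refresh_token="8xLOxBtZp8 7euhZh4E")

if __name__ == "__main__":
    store = parse_multi_lifetime(SLIDE_8, now=0)
    print(token_for(store, "payment", now=3600))   # payment token has expired
    print(token_for(store, "social", now=3600))    # social token is still valid
```

Keeping one expiry per scope means the high-security token lapses on its own schedule while the low-security one stays usable, which is the separation the security-level slide asks for.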