Security Boulevard

OAuth User-Managed Access Protocol Overview

Deep dive into OAuth User-Managed Access (UMA) for CTOs. Learn how UMA 2.0 improves CIAM, delegated authorization, and enterprise SSO security.
Threat Post

PayPal Fixes OAuth Token Leaking Vulnerability

PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application. PayPal fixed an issue that could have allowed an attacker to hijack OAuth ...
Hackaday

Using Gmail With OAUTH2 In Linux And On An ESP8266

One of the tasks I dread is configuring a web server to send email correctly via Gmail. The simplest way of sending emails is SMTP, and there are a number of scripts out there that provide a simple ...
Ars Technica

Compromising Twitter’s OAuth security system

Twitter officially disabled Basic authentication this week, the final step in the company’s transition to mandatory OAuth authentication. Sadly, Twitter’s extremely poor implementation of the OAuth ...
Security Boulevard

OAuth Authorization Server Setup: Implementation Guide & Configuration

Learn how to build and configure an enterprise-grade OAuth authorization server. Covering PKCE, grant types, and CIAM best practices for secure SSO.
Dark Reading

OAuth Attacks Target Microsoft 365, GitHub

A trio of ongoing campaigns have highlighted once again the continued popularity among cybercriminals of malicious OAuth apps as a go-to attack method. In one wave of recent attacks, threat actors ...
The Droid Guy

Fix Samsung Galaxy S7 “401 Error: disabled_client. The OAuth client was disabled” error & other email problems

The error “401. That’s an error. Error: disabled_client. The OAuth client was disabled” seems to start occurring a few days ago. Neither Samsung nor Google ...