all InfoSec news
Unified Singular Protocol Flow for OAuth (USPFO) Ecosystem. (arXiv:2301.12496v2 [cs.CR] UPDATED)
cs.CR updates on arXiv.org arxiv.org
OAuth 2.0 is a popular authorization framework that allows third-party
clients such as websites and mobile apps to request limited access to a user's
account on another application. The specification classifies clients into
different types based on their ability to keep client credentials confidential.
It also describes different grant types for obtaining access to the protected
resources, with the authorization code and implicit grants being the most
commonly used. Each client type and associated grant type have their unique
security …
access account application apps authorization client clients code confidential credentials ecosystem flow framework grant mobile mobile apps oauth oauth 2.0 party popular protocol request resources third third-party types websites