Justin Richer: Applying RAR in OAuth 2 (and GNAP). The Rich Authorization Request extension to OAuth 2, or RAR, is a way to talk about access in the OAuth space beyond what scopes allow, and… (6 min read · Feb 22, 2024)
Justin Richer: Discovery, Negotiation, and Configuration. Interoperability is a grand goal, and a tough problem to crack. After all, what is interoperability other than independent things just… (6 min read · Dec 14, 2023)
Justin Richer: Federation Bubbles. We’ve spent decades building up systems that identify people and devices, and interconnect all of them. We’ve built systems that let us… (9 min read · Aug 4, 2023)
Justin Richer: What happened to MITREid Connect? MITREid Connect was, at one time, one of the top open source implementations of OpenID Connect and OAuth 2.0. Written in Java and targeted… (5 min read · May 2, 2023)
Justin Richer: The GNAPathon. At the recent IETF 113 meeting in Vienna, Austria, we put the GNAP protocol to the test by submitting it as a Hackathon project. Over the… (4 min read · Apr 11, 2022)
Justin Richer: Signing HTTP Messages. There’s a new draft in the HTTP working group that deals with signing HTTP messages. Why is it here, and what does it give us? (7 min read · May 4, 2021)
Justin Richer: Filling in the GNAP. About a year ago I wrote an article arguing for creating the next generation of the OAuth protocol. That article, and some of the other… (4 min read · Oct 22, 2020)
Justin Richer: XYZ: Cryptographic Binding. This article is part of a series about XYZ and how it works, also including articles on Why?, Handles, Interaction, and Compatibility. (5 min read · Jul 1, 2020)
Justin Richer: XYZ: Interaction. This article is part of a series about XYZ and how it works, also including articles on Why?, Handles, Passing by Reference, and… (7 min read · Jun 18, 2020)
Justin Richer: XYZ: Compatibility With OAuth 2. This article is part of a series about XYZ and how it works, also including articles on Why? and Handles, Passing by Reference, and… (6 min read · Jun 16, 2020)