Nik | Klampfradler 🎸🚲<p>I got back to <a href="https://toot.teckids.org/tags/WebIDAMd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WebIDAMd</span></a>, a <a href="https://toot.teckids.org/tags/systemd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>systemd</span></a>-userdbd-based system for using <a href="https://toot.teckids.org/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> / <a href="https://toot.teckids.org/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> / <a href="https://toot.teckids.org/tags/REST" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>REST</span></a> identity providers for <a href="https://toot.teckids.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> system authentication.</p><p>And I can now show off a first demo (no <a href="https://toot.teckids.org/tags/PAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PAM</span></a> authentication yet, but user and group listing):</p><p><a href="https://asciinema.org/a/728567" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">asciinema.org/a/728567</span><span class="invisible"></span></a></p><p>In contrast to <a href="https://toot.teckids.org/tags/sssd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sssd</span></a>'s recent OIDC module, WebIDAMd is fully provider-agnostic and integrates transparently with userdbd, the current/upcoming standard in most Linux distributions instead of requiring a full separate software stack.</p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
211active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#oidc
0 posts · 0 participants · 0 posts today
DocYeet :verified:<p>I've been progressively more and more frustrated with Zitadel as Identity Provider in the last months</p><p>It came with the default Netbird installation process and thought I would use Zitadel as my Identity Provider for the whole infrastructure, learning with it</p><p>But it feels clunky, slow and overly complicated, so I am here to ask you, is it a me thing or is Zitadel actually not so polished ?</p><p>I am currently eying Authentik and have to run some tests before migrating but I would be curious to hear your feedback on the matter</p><p><a href="https://mastodon.halis.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfhosted</span></a> <a href="https://mastodon.halis.io/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a> <a href="https://mastodon.halis.io/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://mastodon.halis.io/tags/zitadel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zitadel</span></a> <a href="https://mastodon.halis.io/tags/netbird" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>netbird</span></a> <a href="https://mastodon.halis.io/tags/authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authentik</span></a> <a href="https://mastodon.halis.io/tags/idp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>idp</span></a> <a href="https://mastodon.halis.io/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
Elias Probst<p><span class="h-card" translate="no"><a href="https://gruene.social/@Gerbsen" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Gerbsen</span></a></span> es gibt einen Fork von <a href="https://mastodon.social/tags/Vaultwarden" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vaultwarden</span></a> mit <a href="https://mastodon.social/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a>-Support, aber der Maintainer hat gerade erst seinen Hauptsponsor verloren, weshalb zwar der Fork weiter maintained wird, aber die Releases evtl. immer etwas hinter dem Original hinterherhinken:<br><a href="https://github.com/dani-garcia/vaultwarden/pull/3899" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/dani-garcia/vaultwa</span><span class="invisible">rden/pull/3899</span></a></p>
Silke Meyer<p>Für "Identity Broker"-Szenarien mit Keycloak finde ich die Doku von Red Hat empfehlenswert. Dort ist verhältnismäßig gut beschrieben, wie man das Durchreichen von Claims/Attributen von einem Identity Provider durch einen anderen zu einem Client konfiguriert.</p><p><a href="https://docs.redhat.com/en/documentation/red_hat_build_of_keycloak/26.0/html/server_administration_guide/identity_broker" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docs.redhat.com/en/documentati</span><span class="invisible">on/red_hat_build_of_keycloak/26.0/html/server_administration_guide/identity_broker</span></a></p><p><a href="https://univention.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/iam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>iam</span></a> <a href="https://univention.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://univention.social/tags/saml" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>saml</span></a></p>
Gauff 🇪🇺<p><span class="h-card" translate="no"><a href="https://fosstodon.org/@adingbatponder" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>adingbatponder</span></a></span> If possible, setup <a href="https://piaille.fr/tags/wireguard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wireguard</span></a> yourself, there are some very good guides: <a href="https://docs.pi-hole.net/guides/vpn/wireguard/server/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docs.pi-hole.net/guides/vpn/wi</span><span class="invisible">reguard/server/</span></a></p><p>If you really wish to use <a href="https://piaille.fr/tags/tailscale" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tailscale</span></a> , I believe they offer the feature to have a <a href="https://piaille.fr/tags/passkey" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passkey</span></a> , or <a href="https://piaille.fr/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> ?</p>
Lenin alevski 🕵️💻<p>New Open-Source Tool Spotlight 🚨🚨🚨</p><p>Pocket ID is an OIDC provider simplifying authentication with passkeys. No passwords. Think secure logins using Yubikeys or biometrics. Lightweight compared to Keycloak or Hydra and ideal for focused use cases. Built for Docker setups. <a href="https://infosec.exchange/tags/Passkeys" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Passkeys</span></a> <a href="https://infosec.exchange/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a></p><p>🔗 Project link on <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> 👉 <a href="https://github.com/pocket-id/pocket-id" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/pocket-id/pocket-id</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/Software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Software</span></a> <a href="https://infosec.exchange/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://infosec.exchange/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a> <a href="https://infosec.exchange/tags/CTF" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CTF</span></a> <a href="https://infosec.exchange/tags/Cybersecuritycareer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecuritycareer</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/redteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>redteam</span></a> <a href="https://infosec.exchange/tags/blueteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteam</span></a> <a href="https://infosec.exchange/tags/purpleteam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>purpleteam</span></a> <a href="https://infosec.exchange/tags/tips" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tips</span></a> <a href="https://infosec.exchange/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a></p><p>— ✨<br>🔐 P.S. Found this helpful? Tap Follow for more cybersecurity tips and insights! I share weekly content for professionals and people who want to get into cyber. Happy hacking 💻🏴☠️</p>
Silke Meyer<p>Guten Morgen! Am 11. Juni findet wieder meine ganztägige Keycloak-Schulung statt und es gibt noch ein paar freie Plätze. Die Zielgruppe sind Admin*s, die den von <span class="h-card" translate="no"><a href="https://univention.social/@univention" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>univention</span></a></span> ausgelieferten Keycloak in Verbindung mit UCS einsetzen. SSO-Vorkenntnisse sind nicht nötig. Falls noch jemand teilnehmen möchte, sind hier die Details zur Anmeldung:</p><p><a href="https://www.univention.de/training/keycloak/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">univention.de/training/keycloa</span><span class="invisible">k/</span></a></p><p><a href="https://univention.social/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keycloak</span></a> <a href="https://univention.social/tags/singlesignon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>singlesignon</span></a> <a href="https://univention.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://univention.social/tags/saml" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>saml</span></a> <a href="https://univention.social/tags/univention" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>univention</span></a></p>
Vladimir Marinkovic<p>Blogged: kickstarter guide for using Keycloak as identity provider</p><p><a href="https://cleverheap.com/posts/keycloak-with-aspnet-webapi/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cleverheap.com/posts/keycloak-</span><span class="invisible">with-aspnet-webapi/</span></a></p><p><a href="https://mastodon.social/tags/keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>keycloak</span></a> <a href="https://mastodon.social/tags/blog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blog</span></a> <a href="https://mastodon.social/tags/dotnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dotnet</span></a> <a href="https://mastodon.social/tags/aspnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aspnet</span></a> <a href="https://mastodon.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://mastodon.social/tags/oauth2" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oauth2</span></a></p>
gyptazy<p>Proxmox in Enterprises: I'm often asked, 'Can we use our Active Directory, LDAP, or OIDC with Proxmox?' Yes, you can!</p><p>Let's have quick dive into installing and configuring Authentik and configure Proxmox VE to use OIDC as an additional authentication realm.</p><p><a href="https://mastodon.gyptazy.com/tags/Proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Proxmox</span></a> <a href="https://mastodon.gyptazy.com/tags/ProxmoxVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ProxmoxVE</span></a> <a href="https://mastodon.gyptazy.com/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.gyptazy.com/tags/Authentik" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Authentik</span></a> <a href="https://mastodon.gyptazy.com/tags/OpenID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenID</span></a> <a href="https://mastodon.gyptazy.com/tags/OpenIDConnect" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenIDConnect</span></a> <a href="https://mastodon.gyptazy.com/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> <a href="https://mastodon.gyptazy.com/tags/EntraID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EntraID</span></a> <a href="https://mastodon.gyptazy.com/tags/enterprise" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>enterprise</span></a> <a href="https://mastodon.gyptazy.com/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>homelab</span></a></p><p><a href="https://gyptazy.com/proxmox-authentik-oidc-install-configure-and-connect-authentik-to-proxmox-ve/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gyptazy.com/proxmox-authentik-</span><span class="invisible">oidc-install-configure-and-connect-authentik-to-proxmox-ve/</span></a></p>
F. Maury ⏚<p>Me to the library: Please verify the signature of this document.<br>Library: Document is OK.<br>Me: What keys did you use exactly?<br>Library: What keys?<br>Me: ...<br>Library: Well, I did not have any keys so I did not really check.<br>Me: 😠</p><p><a href="https://infosec.exchange/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Felicitas Pojtinger 🌅<p>Finally managed to get <a href="https://mastodon.social/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> post-login redirects to specific "URLs" (well, <a href="https://mastodon.social/tags/libadwaita" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>libadwaita</span></a> `NavigationView` tags, to be precise) to work. That was quite a bit more complex than I expected it to be!</p>
Markus Eisele<p>Sender-constraining access tokens with Quarkus OIDC <br><a href="https://quarkus.io/blog/sender-constraining-tokens/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">quarkus.io/blog/sender-constra</span><span class="invisible">ining-tokens/</span></a><br><a href="https://mastodon.online/tags/Java" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Java</span></a> <a href="https://mastodon.online/tags/Quarkus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Quarkus</span></a> <a href="https://mastodon.online/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> <a href="https://mastodon.online/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a></p>
Fluchtkapsel<p>Ich glaube, ich kann mittlerweile nicht mehr guten Gewissens zu Webdiensten raten, die kein OpenID Connect unterstützen.</p><p>Ich bin ein Freund spezialisierter Software: Mach ein Ding, mach es ordentlich, sei interoperabel. Mängel einer Software können dann durch Stärken einer anderen ausgeglichen werden. Aber wenn ein bunter Strauß verschiedener Webdienste im Einsatz sind, möchte man sich so einfach wie möglich anmelden, was derzeit wohl noch immer Social Logins auf Basis von OAuth 2 oder OpenID Connect sind.</p><p>Mein <a href="https://nerdculture.de/tags/Mattermost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mattermost</span></a> hat deswegen enorm an Reiz für mich verloren, weil es nur Anmeldung via Gitlab erlaubt. <a href="https://nerdculture.de/tags/Vernissage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vernissage</span></a> oder <a href="https://nerdculture.de/tags/Pixelfed" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Pixelfed</span></a> sind für mich uninteressant, solange ich dort kein <a href="https://nerdculture.de/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> konfigurieren kann.</p><p>Und ja, für mich gilt das aus Benutzersicht wie auch aus Perspektive des Admins, der die Dienste selbst betreibt.</p>
Ariel<p>I'm confused how a static site can do OIDC.</p><p>Isn't there supposed to be a client/application ID-secret pair that are used to exchange the auth token for the actual access token that /does/ stuff?</p><p>How do you store that secret when it's all static files and client-side JS calls?</p><p><a href="https://eigenmagic.net/tags/FrontEnd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FrontEnd</span></a> <a href="https://eigenmagic.net/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a></p>
damienbod<p>New Microsoft docs: Configure JWT bearer authentication in ASP.NET Core</p><p><a href="https://learn.microsoft.com/aspnet/core/security/authentication/configure-jwt-bearer-authentication" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">learn.microsoft.com/aspnet/cor</span><span class="invisible">e/security/authentication/configure-jwt-bearer-authentication</span></a></p><p><a href="https://mastodon.social/tags/jwt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>jwt</span></a> <a href="https://mastodon.social/tags/aspnetcore" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aspnetcore</span></a> <a href="https://mastodon.social/tags/dotnet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dotnet</span></a> <a href="https://mastodon.social/tags/oidc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>oidc</span></a> <a href="https://mastodon.social/tags/bearer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bearer</span></a> <a href="https://mastodon.social/tags/authorization" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>authorization</span></a> <a href="https://mastodon.social/tags/access" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>access</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p><p>Thanks Mike Kistler Rick Anderson Stephen Halter</p>
Fluchtkapsel<p>Eigentlich wollte ich ja heute mal <a href="https://nerdculture.de/tags/Vernissage" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vernissage</span></a> und <a href="https://nerdculture.de/tags/GoToSocial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GoToSocial</span></a> installieren. Aber dann fiel mir ein, dass ich das ja an mein <a href="https://nerdculture.de/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keycloak</span></a> anbinden könnte. Und außerdem war da ja noch <a href="https://nerdculture.de/tags/Mobilizon" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Mobilizon</span></a>, was nicht mehr wollte.</p><p>Also erstmal Mobilizon repariert. Dabei stelle ich fest, dass auch Mobilizon <a href="https://nerdculture.de/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> unterstützt, also kann ich auch das an Keycloak anbinden.</p><p>Muss nor noch schauen, ob Vernissage auch OIDC unterstützt. Außerdem bin ich in Sachen Keycloak seit letztem Frühjahr ein wenig eingerostet. Hoffe, ich kriege das alles noch zusammen.</p>
Josef Davies-Coates<p>Hey <span class="h-card" translate="no"><a href="https://mastodon.xyz/@nextcloud" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nextcloud</span></a></span> are there any plans to bake in <a href="https://mastodon.uniteddiversity.coop/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> into <a href="https://mastodon.uniteddiversity.coop/tags/Nextcloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nextcloud</span></a> itself in the same way LDAP is? </p><p>Most of my apps now use OIDC and it's be great to be able to use it with Nextcloud too (which out having to risk using a third party app to do it, which seems risk for something so fundamental as login).</p>
Tom Chapple<p>What's the fediverse's opinion on <a href="https://mastodon.social/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> providers for identifying applications at runtime? For example: a GitHub workflow assuming a role in AWS using an OIDC token it can retrieve by making a cURL request internally.</p><p><a href="https://docs.github.com/en/actions/security-for-github-actions/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">docs.github.com/en/actions/sec</span><span class="invisible">urity-for-github-actions/security-hardening-your-deployments/configuring-openid-connect-in-amazon-web-services</span></a></p><p>I feel like it would be great to utilise that functionality to avoid storing static credentials, but I'm curious what other people think on this. Maybe there's some security aspect I'm not considering?</p><p><a href="https://mastodon.social/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Programming</span></a> <a href="https://mastodon.social/tags/CICD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CICD</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mastodon.social/tags/API" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>API</span></a></p>
Pelle Wessman<p>Its a bit weird that <a href="https://mastodon.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a> spearheaded <a href="https://mastodon.social/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> based authentication to retrieve short lived tokens for cloud platforms and then <a href="https://mastodon.social/tags/PyPi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PyPi</span></a>, <a href="https://mastodon.social/tags/RubyGems" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RubyGems</span></a> and even <a href="https://mastodon.social/tags/Dart" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Dart</span></a> went and used that to enable short lived tokens for publishing packages – but GitHub themselves haven't yet launched it for <a href="https://mastodon.social/tags/npm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>npm</span></a></p><p><span class="h-card" translate="no"><a href="https://social.lfx.dev/@openssf" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>openssf</span></a></span> has even launched a <a href="https://mastodon.social/tags/TrustedPublishers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TrustedPublishers</span></a> guideline: <a href="https://repos.openssf.org/trusted-publishers-for-all-package-repositories" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">repos.openssf.org/trusted-publ</span><span class="invisible">ishers-for-all-package-repositories</span></a></p><p><a href="https://blog.rubygems.org/2023/12/14/trusted-publishing.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.rubygems.org/2023/12/14/t</span><span class="invisible">rusted-publishing.html</span></a></p>
Max Maass :donor:<p>Oh wow, I completely missed that <a href="https://infosec.exchange/tags/KeyConf" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KeyConf</span></a> is happening. Looks like a bunch of really interesting talks on <a href="https://infosec.exchange/tags/Keycloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Keycloak</span></a> and <a href="https://infosec.exchange/tags/OAuth" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OAuth</span></a> / <a href="https://infosec.exchange/tags/OIDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OIDC</span></a> are being presented there. Looking forward to watching the recordings.<br><a href="https://fosstodon.org/@ahus1/113159868562052066" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">fosstodon.org/@ahus1/113159868</span><span class="invisible">562052066</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload