I just finished adding BlueSky support to IndieLogin.com! Now you can log in to websites like indieweb.org with your BlueSky handle!
Adding Support for BlueSky to IndieLogin.com
Today I just launched support for BlueSky as a new authentication option in IndieLogin.com!
aaronparecki.com
October 11, 2025 at 5:51 PM
I just finished adding BlueSky support to IndieLogin.com! Now you can log in to websites like indieweb.org with your BlueSky handle!
The IETF OAuth Working Group has adopted the Client ID Metadata Document specification!
> This specification defines a mechanism through which an OAuth client can identify itself to authorization servers, without prior dynamic client registration or other existing registration.
> This specification defines a mechanism through which an OAuth client can identify itself to authorization servers, without prior dynamic client registration or other existing registration.
October 11, 2025 at 4:26 PM
The IETF OAuth Working Group has adopted the Client ID Metadata Document specification!
> This specification defines a mechanism through which an OAuth client can identify itself to authorization servers, without prior dynamic client registration or other existing registration.
> This specification defines a mechanism through which an OAuth client can identify itself to authorization servers, without prior dynamic client registration or other existing registration.
The IETF OAuth Working Group has adopted the Identity Assertion Authorization Grant specification!
datatracker.ietf.org/doc/draft-ie...
This is the basis of Cross App Access (XAA), providing IT admins better visibility and control by configuring the app-to-app connections in their enterprise IdP.
datatracker.ietf.org/doc/draft-ie...
This is the basis of Cross App Access (XAA), providing IT admins better visibility and control by configuring the app-to-app connections in their enterprise IdP.
Identity Assertion Authorization Grant
This specification provides a mechanism for an application to use an identity assertion to obtain an access token for a third-party API by coordinating through a common enterprise identity provider us...
datatracker.ietf.org
September 20, 2025 at 2:19 PM
The IETF OAuth Working Group has adopted the Identity Assertion Authorization Grant specification!
datatracker.ietf.org/doc/draft-ie...
This is the basis of Cross App Access (XAA), providing IT admins better visibility and control by configuring the app-to-app connections in their enterprise IdP.
datatracker.ietf.org/doc/draft-ie...
This is the basis of Cross App Access (XAA), providing IT admins better visibility and control by configuring the app-to-app connections in their enterprise IdP.
Inspired by a question from @thisismissem.social, I wrote up a document describing how to apply DPoP (RFC9449) to the OAuth Device Flow (RFC8628).
datatracker.ietf.org/doc/draft-pa...
datatracker.ietf.org/doc/draft-pa...
DPoP for the OAuth 2.0 Device Authorization Grant
The OAuth 2.0 Device Authorization Grant [RFC8628] is an authorization flow for devices with limited input capabilities. Demonstrating Proof of Possession (DPoP) [RFC9449] is a mechanism to sender-con...
datatracker.ietf.org
September 20, 2025 at 2:18 PM
Inspired by a question from @thisismissem.social, I wrote up a document describing how to apply DPoP (RFC9449) to the OAuth Device Flow (RFC8628).
datatracker.ietf.org/doc/draft-pa...
datatracker.ietf.org/doc/draft-pa...
Well that's the last time I take my ID out of my wallet to go through airport security. I made the mistake of putting it into my pocket instead of back in my wallet and it seems to have fallen out somewhere between PDX and SFO 🫠
August 5, 2025 at 4:00 AM
Well that's the last time I take my ID out of my wallet to go through airport security. I made the mistake of putting it into my pocket instead of back in my wallet and it seems to have fallen out somewhere between PDX and SFO 🫠
I just got FreePBX up and running and connected to a WiFi phone and my doorbell and video intercom system! I have two way calling between every device, I can even connect analog phones!
June 30, 2025 at 2:26 AM
I just got FreePBX up and running and connected to a WiFi phone and my doorbell and video intercom system! I have two way calling between every device, I can even connect analog phones!
The latest version of the MCP spec is now officially 2025-06-18! Congrats to everyone in the MCP community involved in making this happen!
Key updates to the authorization section 👇
Key updates to the authorization section 👇
June 19, 2025 at 2:08 AM
The latest version of the MCP spec is now officially 2025-06-18! Congrats to everyone in the MCP community involved in making this happen!
Key updates to the authorization section 👇
Key updates to the authorization section 👇
TIL the point up emoji ☝️ doesn't work as a reaction on iMessage because Apple displays the emoji above the message it's a reaction to 😂
June 5, 2025 at 11:03 PM
TIL the point up emoji ☝️ doesn't work as a reaction on iMessage because Apple displays the emoji above the message it's a reaction to 😂
In two weeks I'll be speaking at @mcpdevsummit.bsky.social in San Francisco!
MCP has quickly reshaped how developers are building AI agents. My talk "Intro to OAuth for MCP Servers" will cover the basics of the MCP authorization protocol and set the stage for building secure MCP servers.
MCP has quickly reshaped how developers are building AI agents. My talk "Intro to OAuth for MCP Servers" will cover the basics of the MCP authorization protocol and set the stage for building secure MCP servers.
MCP Developers Summit - San Francisco - 2025
mcpdevsummit.ai
May 9, 2025 at 7:36 PM
In two weeks I'll be speaking at @mcpdevsummit.bsky.social in San Francisco!
MCP has quickly reshaped how developers are building AI agents. My talk "Intro to OAuth for MCP Servers" will cover the basics of the MCP authorization protocol and set the stage for building secure MCP servers.
MCP has quickly reshaped how developers are building AI agents. My talk "Intro to OAuth for MCP Servers" will cover the basics of the MCP authorization protocol and set the stage for building secure MCP servers.
Reposted by Aaron Parecki
🎤 Speaker Spotlight: Aaron Parecki, Director of Identity Standards at @okta
Learn how #OAuth applies to #MCP servers and why securing your #MCP server is critical
To attend this session and more register at buff.ly/NzqdbNE
@aaronpk.com #AI #LLM #ModelContextProtocol #MCPDevSummit
Learn how #OAuth applies to #MCP servers and why securing your #MCP server is critical
To attend this session and more register at buff.ly/NzqdbNE
@aaronpk.com #AI #LLM #ModelContextProtocol #MCPDevSummit
May 2, 2025 at 6:52 PM
🎤 Speaker Spotlight: Aaron Parecki, Director of Identity Standards at @okta
Learn how #OAuth applies to #MCP servers and why securing your #MCP server is critical
To attend this session and more register at buff.ly/NzqdbNE
@aaronpk.com #AI #LLM #ModelContextProtocol #MCPDevSummit
Learn how #OAuth applies to #MCP servers and why securing your #MCP server is critical
To attend this session and more register at buff.ly/NzqdbNE
@aaronpk.com #AI #LLM #ModelContextProtocol #MCPDevSummit
oh no I just realized tomorrow is Monday
April 14, 2025 at 4:18 AM
oh no I just realized tomorrow is Monday
Is it just me or does this current Model Context Protocol wave remind anyone of the early Web 2.0 days of everyone launching open APIs?
April 2, 2025 at 5:09 PM
Is it just me or does this current Model Context Protocol wave remind anyone of the early Web 2.0 days of everyone launching open APIs?
I've got 22 hours in Hong Kong on a layover and I'm staying overnight in a hotel near the old Kowloon Walled City. Any tips for what I should do on this very short trip?
March 28, 2025 at 9:55 AM
I've got 22 hours in Hong Kong on a layover and I'm staying overnight in a hotel near the old Kowloon Walled City. Any tips for what I should do on this very short trip?
The building that collapsed from the earthquake was right next to the train station we got off at when we arrived in Bangkok last weekend. We took the train from Chiang Mai to Chatuchak 😮
March 28, 2025 at 8:42 AM
The building that collapsed from the earthquake was right next to the train station we got off at when we arrived in Bangkok last weekend. We took the train from Chiang Mai to Chatuchak 😮
Chase sends 8-digit 2fa SMS codes, which seems excessive compared to the 6 that most other places use, but even weirder is that the first digit of them has always been the same, effectively making it a 7 digit code. Anyone know what's up with that?
February 16, 2025 at 1:56 AM
Chase sends 8-digit 2fa SMS codes, which seems excessive compared to the 6 that most other places use, but even weirder is that the first digit of them has always been the same, effectively making it a 7 digit code. Anyone know what's up with that?
At long last, the OAuth working group has finished the Best Current Practice for OAuth 2.0 Security and it was just published as RFC9700! This has been a long time in the works, and I'm very thankful to everyone who has helped out with it over the years! www.rfc-editor.org/rfc/rfc9700....
RFC 9700: Best Current Practice for OAuth 2.0 Security
This document describes best current security practice for OAuth 2.0. It updates
and extends the threat model and security advice given in RFCs 6749, 6750, and 6819 to incorporate practical experience...
www.rfc-editor.org
February 4, 2025 at 7:15 PM
At long last, the OAuth working group has finished the Best Current Practice for OAuth 2.0 Security and it was just published as RFC9700! This has been a long time in the works, and I'm very thankful to everyone who has helped out with it over the years! www.rfc-editor.org/rfc/rfc9700....
Every now and then I remember how in 2014 I mined $20 worth of dogecoin, then said this is stupid and exchanged it for 0.05 bitcoin sent to a brainwallet. I can't remember the seed phrase, so it's just stuck in the blockchain, and is now worth $5000
February 3, 2025 at 7:17 PM
Every now and then I remember how in 2014 I mined $20 worth of dogecoin, then said this is stupid and exchanged it for 0.05 bitcoin sent to a brainwallet. I can't remember the seed phrase, so it's just stuck in the blockchain, and is now worth $5000
I am still getting monthly emails saying I have a $0 balance from the tenant portal of the apartment we moved out of 18 months ago. Today I logged in to see if I can delete my account, but instead I see new maintenance requests from the last few months 😮
February 1, 2025 at 10:51 PM
I am still getting monthly emails saying I have a $0 balance from the tenant portal of the apartment we moved out of 18 months ago. Today I logged in to see if I can delete my account, but instead I see new maintenance requests from the last few months 😮
Goodbye Philips Hue 👋
I finally finished replacing all my Hue lights with Caseta switches.
While I will miss the color temperature control, I am excited that I can attach a switch anywhere that works and looks just like a normal switch, no wires needed!
I finally finished replacing all my Hue lights with Caseta switches.
While I will miss the color temperature control, I am excited that I can attach a switch anywhere that works and looks just like a normal switch, no wires needed!
January 4, 2025 at 3:31 AM
Goodbye Philips Hue 👋
I finally finished replacing all my Hue lights with Caseta switches.
While I will miss the color temperature control, I am excited that I can attach a switch anywhere that works and looks just like a normal switch, no wires needed!
I finally finished replacing all my Hue lights with Caseta switches.
While I will miss the color temperature control, I am excited that I can attach a switch anywhere that works and looks just like a normal switch, no wires needed!
Just made eight weeks of waffles, going into the freezer now. Took almost 2 hours to cook the 8 batches. I should really get a second waffle iron cause it would literally halve the amount of time this takes.
January 3, 2025 at 3:00 AM
Just made eight weeks of waffles, going into the freezer now. Took almost 2 hours to cook the 8 batches. I should really get a second waffle iron cause it would literally halve the amount of time this takes.
We still don't have power from the street yet so in the mean time, I wired an Anker battery into the breaker panel to power all the lights in the house
December 26, 2024 at 1:52 AM
We still don't have power from the street yet so in the mean time, I wired an Anker battery into the breaker panel to power all the lights in the house
It just occurred to me that YouTube is named after a completely obsolete technology
December 23, 2024 at 5:01 AM
It just occurred to me that YouTube is named after a completely obsolete technology
I really need to remember to put my phone on do not disturb when I'm doing electrical work. The buzz on my leg freaks me out every time ⚡️
December 9, 2024 at 10:51 PM
I really need to remember to put my phone on do not disturb when I'm doing electrical work. The buzz on my leg freaks me out every time ⚡️
The new iOS app icons dark mode is really messing with my brain. I can't recognize any of the icons at a glance anymore, it's like having to re-learn all the branding.
December 7, 2024 at 4:32 AM
The new iOS app icons dark mode is really messing with my brain. I can't recognize any of the icons at a glance anymore, it's like having to re-learn all the branding.
Just installed my first Lutron Caseta switch. Going to slowly convert all these switches over in the next few weeks. I do like how the switch is silent, no sound of a relay snapping.
December 3, 2024 at 1:08 AM
Just installed my first Lutron Caseta switch. Going to slowly convert all these switches over in the next few weeks. I do like how the switch is silent, no sound of a relay snapping.