/explore

Click through on any links that interest you or select the planets on the right to continue exploring the Outer Web.
You are here

mydeveloperplanet.com
| | josiahparry.com
1.6 parsecs away

Travel
| |
| | www.keycloak.org
2.0 parsecs away

Travel
| | Keycloak - the open source identity and access management solution. Add single-sign-on and authentication to applications and secure services with minimum effort.
| | blog.christianposta.com
1.7 parsecs away

Travel
| | In the previous blog, we dug into dynamically registering OAuth clients leveraging SPIFFE and SPIRE. We used SPIRE to issue software statements in the SPIFFE JWT SVID that Keycloak can trust as part of Dynamic Client Registration (RFC 7591). Once we have an OAuth client, we will want to continue to use SPIFFE to authenticate to our Authorization Server. This eliminates the need for a long-lived "client secret" which is common for Confidential OAuth. This means we can use the Agent or MCP client's identity (based on SPIFFE) for authorization flows based on OAuth. We dig into that in this blog.
| | www.shuttle.dev
15.1 parsecs away

Travel
| Using JSON Web Tokens (JWTs) when implementing authentication in a Rust API