That's a wrap on @secworkshop - I added a last minute unconference presentation on Friday evening that I titled "OAuth Clients Suck". My big takeaway was @samuelgoto & @timcappalli 's presentation on FedCM, resulting in a session on how we might improve OpenBanking UX using it.

🌟 @secworkshop is back again for the 9th time: deep technical discussions, involving #digitalidentity standards, OAuth2, OpenID and similar solutions. Our lead security engineer Aivo Kalu takes the floor with topics below. Thanks @e_riik for an interesting challenge!

#Authlete is sponsoring and presenting at the #OAuth Security Workshop 2024 and the 2nd International Workshop on Trends in Digital Identity, happening in Rome from April 9-12. Due to popular demand, we'll be bringing back our special OSW-themed T-shirts! https://t.co/uOT4rnToo4

A big thank you to our sponsors @authlete, @AWS, @DuendeIdentity, @openid, and @udelt_as!

There is still time until Sunday to propose a session on the topic you're working on if you want to see it on the schedule, but you can also do so on-site.

The 9th OAuth Security Workshop is set to take place on April 10-12 in Rome, Italy! This year hosted by Fondazione Bruno Kessler - FBK and colocated with the 2nd International Workshop on Trends in Digital Identity. https://t.co/CQS8lGbK63

The redirect_uri validation in the #OAuth SDK incorporates new lessons from the OAuth Security Workshop 2023 https://t.co/LnrvtDPoWN

Having great fun with @PhilippeDeRyck at the #osw 2023

https://t.co/qvsjxcpltb

Second day social event — in the impressive picture gallery of @RoyalHolloway #osw8

Vladimir Dzhuvinov (@dzhuvi) is giving a presentation about OpenID Connect Federation 1.0 on the second day of OAuth Security Workshop 2023. The specification is one of the most complex ones in the OAuth/OIDC area. #osw8

"Formal Verification of the Cedar Policy Language" by Darin McAdams, on the second day of OAuth Security Workshop 2023. #osw8

Keynote "Programming Engineers: How Standards Shape the Way We Work" by Justin Richer (@justin__richer), on the second day of OAuth Security Workshop 2023. #osw8

Joseph Heenan (@josephheenan) and Dr. Daniel Fett (@dfett42) started their session, "Tutorial: High-security & interoperable OAuth 2: What’s the latest?" on the second day of OAuth Security Workshop 2023. #osw8

Invited Talk "Formal Analysis" by Jonathan Hoyland, researcher at Cloudflare, on the second day of OAuth Security Workshop 2023. #osw8

"Identity Theft using In-Browser Communications in Dual-Window Single Sign-On" by Louis Jannett, on the second day of OAuth Security Workshop 2023. #osw8

Day two of #osw8 underway!

#OAuth crowd at Windsor Castle #osw8

Justin Richer (@justin__richer) started his presentation about RFC 9396 OAuth 2.0 Rich Authorization Requests (RAR) on the first day of OAuth Security Workshop 2023. #osw8

Talks and workshops now in full swing. #osw8