libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

link current best practice for OAuth

Browse source 
It could also be considered to link the oauth.net website (https://oauth.net/2/oauth-best-practice/) instead to always point to the most recent document.
This commit is contained in:
Fritz Oscar 2020-05-06 14:20:29 +02:00 committed by Bruno Oliveira da Silva
parent 17d1819101
commit d9bc99962e
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
server_admin/topics/threat.adoc
View file

@ -3,6 +3,6 @@
This chapter discusses possible security vulnerabilities any authentication server could have and how {project_name}
mitigates those vulnerabilities.
A good list of potential vulnerabilities and what security implementations should do to mitigate them can be found in
the https://tools.ietf.org/html/rfc6819[OAuth 2.0 Threat Model] document put out by the IETF.
the https://tools.ietf.org/html/rfc6819[OAuth 2.0 Threat Model] document and its most recent extension https://tools.ietf.org/html/draft-ietf-oauth-security-topics-15[OAuth 2.0 Security Best Current Practice] put out by the IETF.
Many of those vulnerabilities are discussed here.