I am creating an ASP.NET web application and currently running it with Visual Studio's built in IIS Express. It normally starts up on localhost and runs just fine. However, one of the external API'...

Can someone give me the regex to match a valid AWS Cognito password - with numbers, special characters (their list), lower and upper case letters The AWS Cognito default length limit is 6 character...

Code is .NET 8, using Microsoft.AspNetCore.Authentication.JwtBearer authentication. This is my first time implementing JWT on my REST server, so I suspect it may be a newbie mistake. Can you spot w...

I´m having hard time to use GraphQL with Python since the suggested library: gql is completely undocumented. How ever I found out that to provide the api url I need to pass a RequestsHTTPTransport...

I have followed the Google cloud speech API quickstart of requesting API by using curl -s -H "Content-Type: application/json" \ -H "Authorization: Bearer "$(gcloud auth applica...

Having a few minor issues with role based authorization with dotnet core 2.2.3 and Keycloak 4.5.0. In Keycloak, I've defined a role of 'tester' and a client role 'developer' with appropriate role m...

How can I verify a Google authentication access token? I need to somehow query Google and ask: Is [given access token] valid for the [[email protected]] Google account? Short version It's clea...

I followed the tutorial in the readme of the omniauth-google-oauth2 gem and when I click the link on my root (@ pages#home), <%= link_to "Sign up with Google", user_google_oauth2_omniauth_author...

My main objective is to store the client-id of the each user, once they login with google. This github repo contains most of what I needed till now. The two main files of concern are OAuthSecurityC...

05:49:02,840 ERROR [org.jboss.as.controller.management-operation] (Controller Boot Thread) WFLYCTL0013: Operation ("add") failed - address: ([("subsystem" => "microprofi...

I have a Facebook Page that I want to get some things from it. First thing are feeds and from what I read they are public (no need for access_token). But I want to also get the events... and they a...

I have been trying to use google OAuth service and got a terrible error, which doesnt seem to be just working at all. nor does this work, How to resolve this properly?

I'm trying to wrap my head around oauth with a React Native app and a separate NodeJS/Express API backend. I understand https://github.com/adamjmcgrath/react-native-simple-auth offers authenticatio...

Important notice: If you register for testing, go to your profile settings and to your interests add delete profile. Trying to login with Facebook to my website: I get the following error: U...

I am trying to create a Android project where I authorize a user by having him log into Amazon Cognito in a browser, which should then redirect back to my app. Unfortunately, when the browser opens...

OAuth 2.0 defines "state" parameter to be sent in request by client to prevent cross-site request attacks. Same is mentioned in OpenID spec for "nonce". Apart from the fact that "nonce" is returned...

I'm trying to add Spotify auth to my single page react application following the doc from their api. So far this is how I generate the codes based on solutions I found online: const generateVerifie...

Is there any way to validate my OAuth token for the github API? By 'token' I mean the one I get after the user has logged in to my website. I store it on the client computer using cookies, but just...

I've been working on the ebaySDK for most of the week. I've managed to integrate the Trading and Shopping APIs into my project. For the trading API, I was using an Auth n Auth token which has a val...

Using Clerk Auth, I have a working login/sign-up flow with Next.js 13 middleware. When a user signs up, I want to add a row to my DB's Users table. The problem with middleware is that it runs on ev...

I've been working with authentication providers and custom implementations of authentication at the application level, and I can't still wrap my head around these 2 concepts entirely. I understand ...

Section 4.2 of the draft OAuth 2.0 protocol indicates that an authorization server can return both an access_token (which is used to authenticate oneself with a resource) as well as a refresh_token...

I'm making an authorization system in PHP, and I came across this Bearer scheme of passing JWT tokens, I read [RFC 6750][1]. I've got the following doubts: How is this improving the security? The ...

I am trying to invoke some backend system which is secured by a client_credentials grant type from a Feign client application. The access token from the backend system can be retrieved with the fol...

I'm writing a command-line tool that will need to interact with a webservice, and I would like to be able to authenticate it using the user's ssh key. I'm wondering if I can do something like this:...