Device Flow <draft-ietf-oauth-device-flow-03>


Device Flow <draft-ietf-oauth-device-flow-03> W. Denniss, S. Myrseth/S. Moffatt, J. Bradley, M. Jones, H. Tschofenig

Scope: Use case when an OAuth interaction gets "outsourced" to a separate device in order to allow user authentication and collecting the consent. Useful for devices that have limited user interface capabilities.

Issue#1: Polling. The AS polls the device for the authorization code. This is not a problem when the user completes the authentication and consent step quickly.

Do we need more than polling?

Aaron Parecki: "beauty of the current device flow spec is that it's so simple"

William Denniss: "I like the idea of adding HTTP/2 based long-poll as an optional enhancement" "the polling gets the job done"

Simon Moffatt: "ForgeRock implemented the AS part of the device flow in January." "Simplicity is key here." "running an HTTP stack on the device, is maybe overkill for some deployments though"

Torsten Lodderstedt: "OpenID MODRNA working group, we are working on specs facing similar challenges and decided to offer both pull and push style communication"
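To make the polling issue concrete, here is an added simulation of the device-flow polling step. It is example code written for this page, not code from the draft, from ForgeRock, or from any other implementation quoted above. It assumes the draft's parameter and error names (device_code, user_code, verification_uri, interval, authorization_pending, slow_down, expired_token), uses a fake clock and an in-memory authorization server so it runs offline, and the 5-second back-off step after slow_down is this example's own choice. The three scenarios show the happy path, the user never finishing (the code expires), and a device that polls faster than the advertised interval.

```python
"""Offline simulation of device-flow polling (added example, not the draft's code)."""
import secrets
import string
from dataclasses import dataclass

USER_CODE_ALPHABET = string.ascii_uppercase + string.digits  # constructed choice


@dataclass
class PendingAuthorization:
    user_code: str
    expires_at: float
    interval: int
    last_poll: float = -1.0
    approved: bool = False


class FakeClock:
    """Deterministic clock so the scenarios below are reproducible."""
    def __init__(self):
        self.t = 0.0

    def now(self):
        return self.t

    def sleep(self, seconds):
        self.t += seconds


class AuthorizationServer:
    """In-memory AS exposing the two device-flow endpoints, without HTTP transport."""

    def __init__(self, clock, lifetime=600, interval=5):
        self.clock = clock
        self.lifetime = lifetime
        self.interval = interval
        self.pending = {}  # device_code -> PendingAuthorization

    def device_authorization(self, client_id, scope):
        """Device endpoint: hand the device a device_code, user_code and verification_uri."""
        device_code = secrets.token_urlsafe(32)
        user_code = "".join(secrets.choice(USER_CODE_ALPHABET) for _ in range(8))
        self.pending[device_code] = PendingAuthorization(
            user_code, self.clock.now() + self.lifetime, self.interval)
        return {"device_code": device_code, "user_code": user_code,
                "verification_uri": "https://as.example/device",  # placeholder URI
                "expires_in": self.lifetime, "interval": self.interval}

    def approve(self, user_code):
        """Browser side: the user typed the user_code, authenticated and consented."""
        for p in self.pending.values():
            if p.user_code == user_code and not p.approved:
                p.approved = True
                return True
        return False

    def token(self, device_code):
        """Token endpoint: answer one poll from the device."""
        p = self.pending.get(device_code)
        if p is None:
            return {"error": "invalid_grant"}
        now = self.clock.now()
        if now >= p.expires_at:
            del self.pending[device_code]
            return {"error": "expired_token"}
        if p.last_poll >= 0 and now - p.last_poll < p.interval:
            p.last_poll = now  # polled too early: tell the device to back off
            return {"error": "slow_down"}
        p.last_poll = now
        if not p.approved:
            return {"error": "authorization_pending"}
        del self.pending[device_code]  # one-shot: the device_code is consumed
        return {"access_token": secrets.token_urlsafe(32), "token_type": "Bearer"}


def device_poll(server, clock, device_code, interval, user_action=None,
                max_polls=50, backoff=5):
    """Device side: poll until a token, an expiry or a hard error; record each answer."""
    history = []
    for _ in range(max_polls):
        clock.sleep(interval)
        if user_action:
            user_action()  # simulates the user acting in parallel on another device
        resp = server.token(device_code)
        history.append(resp.get("error", "token"))
        if "access_token" in resp:
            return resp, history
        if resp["error"] == "slow_down":
            interval += backoff  # example's back-off step
        elif resp["error"] != "authorization_pending":
            return resp, history
    return {"error": "timeout"}, history


def run_scenario(user_delay, lifetime=600, device_interval=None):
    """Run one flow; the user finishes consent user_delay seconds after the start."""
    clock = FakeClock()
    server = AuthorizationServer(clock, lifetime=lifetime)
    grant = server.device_authorization("tv-client", "profile")  # constructed client
    state = {"entered": False}

    def user_action():
        if not state["entered"] and clock.now() >= user_delay:
            state["entered"] = server.approve(grant["user_code"])

    interval = device_interval if device_interval is not None else grant["interval"]
    return device_poll(server, clock, grant["device_code"], interval, user_action)


if __name__ == "__main__":
    for label, kw in [("quick user", dict(user_delay=12)),
                      ("user never finishes", dict(user_delay=1000, lifetime=30)),
                      ("impatient device", dict(user_delay=12, device_interval=2))]:
        resp, hist = run_scenario(**kw)
        print(label, "->", resp.get("error", "token issued"), hist)
```

The history lists make the trade-off on the slide visible: a patient user costs only a handful of authorization_pending responses, but a slow user keeps the device polling until the device_code expires, which is the load and latency concern that motivates the long-poll and push proposals quoted above.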

Issue#2: User Interface. Authorization server provides User Code & Verification URI to the user. User enters these on separate device. What guidance can be given to improve user interaction and improve experience?

Issue#3: Alternative Contact Mechanisms. Current mechanism (diagram): the Device Client receives the User Code and Verification URI from the Authorization Server; the User enters the User Code at the Verification URI in a Browser.

Alternative Contact Mechanisms. Example alternative (diagram labels): SMS with User Code; Phone #; User; Device Client; User Code; Authorization Server.