Y
Hacker News
new
|
ask
|
show
|
jobs
by
rrobukef
883 days ago
OIDC/oAuth seems like the solution: make it somebody else's problem. But OIDC tokens can be stolen, they can change domains because of misconfiguration or bad redirect urls.