by jofzar 84 days ago
> Instead of spending hours getting two or three systems to integrate with mine with the proper OAuth scopes or SAML and so on

As someone whose job is handling OAuth and SAML scope, I am not convinced anyone can get these right.

SAML at least acts nice; OAuth, on the other hand, is a fucking nightmare.

3 comments

Every time I request the wrong OAuth scope that doesn't have the authorization to do what I need, then make a failing request, I hear Jim Gaffigan affecting a funny authoritative voice saying, "No." I can't be the only one who defensively requests too much authority beyond what I need with extra OAuth scopes, hoping one of them will give me the correct access. I've had much better luck with LLMs telling me exactly which scopes to select.

I always hear Little Britain’s “computer says nooooo”

And the libraries provided by the various OAuth vendors are only adding fuel to the fire.

A while ago I spent some time debugging a superfluous redirect and the reason was that the library would always kick off with a "not authenticated" when it didn't find stored tokens, even if it was redirecting back after successful log in (as the tokens weren't stored yet).

oauth is the one area where I genuinely trust the LLM more than myself. not because it gets it right but because at least it reads all the docs instead of rage-quitting after the third wrong scope