Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
-
Yes, of course! How did I ever expect this to work? I was really stupid not to see this. THIS was the logic error! Of course this couldn't possibly have worked. This will surely fix it.
.
.
.
*Still not working*1 -
I'm convinced no one really understands OAuth2, probably not even the creators.
Every blog, articles and tutorial, you have people saying don't do this, don't do that. Basically, no one agrees on a single implementation.
Want to use passwords for auth in a first party system you fully own? Apparently, that's unsafe.
Hmmm, what about magic links for passwordless auth? Also not safe you say?
Okay, I believe Okta just wants people to use their services, nothing else.15 -
Auth0 and Okta merge.... Is Cognito the only other major player here? This merge now makes an Auth monopoly!7
-
Okta emailed me trying to sell their SSO gubbins.
I actually quite like the idea of being able to abstract away all the providers people might want to log in with, and making it someone else's job to check whether those providers are trustworthy.
But the email is copied to every permutation of my name/surname/initials etc @mydomain.com.
They had no legitimate way to obtain my email address for marketing purposes, so they just guessed it.
And I'm supposed to believe no corners will be cut and no bodges applied in making sure the user is who he claims to be?3 -
i have a question for you. You work for an industry, a factory, in house. You have only one developer to help you.
They ask you for an app to store production and get reports. Ok
Then before a year passed, they want you to start making apps for: project managment, hr 360 evaluation, implementation of SSO without paying a third party service (like auth0 or okta)
Would you feel comfortable, even if the proper time was given, to get involved with so many different domains without anyone above you having any idea about software lifecycle and development?4 -
I was able to replace Okta Verify with an open source Python script and Android app and I wrote a tutorial for it:
https://battlepenguin.com/tech/...
Unfortunately it won't work for our companies VPN which requires Okta Push. After fighting with Security for a bit, it looks like I'll have to do a Part II where I reverse engineer the Okta Verify protocol.
Top Tags
Weekly Rant
View