All around the web, we see a clear trend: fewer user accounts, single sign-on everywhere.
This trend has multiple advantages:
- fewer passwords to remember
- great security and authentication tools such as WebAuthn
- higher security with competent providers
Can we imagine other applications for OAuth2?
Is it necessarily limited to web, mobile or desktop apps?
First, a look at physical keys.
We will take a tour of Tesla's REST APIs and authentication: how can OAuth2 open and start a $100,000 car?
Please-open.it has developed a solution based on OAuth2 with Keycloak and a few small workarounds for access control.
- Why is physical security related to infrastructure and data security?
- OAuth 2.0 roles as defined in the specification: can we have the same approach for physical access?
- How can we open a door with an OAuth2 provider account?
- Turnover is the biggest problem: why is OAuth2 the best solution for onboarding/offboarding?
- Becoming an "OAuth2 provider for doors": why and how?
- Biggest challenge: authorizations
- More situations...