HackerTrans
TopNewTrendsCommentsPastAskShowJobs

robotdan

no profile record

comments

robotdan
·vor 4 Jahren·discuss
This is a good point. Keeping it simple is always a good engineering choice.

I think one of the reasons JWTs come up so often is that if you are going to use OAuth2/OpenID Connect - ideally the Authorization Code grant, then tokens become an important component.

And many IdPs implement the OAuth2 access token as a JWT. So it may be that your IdP ends up making this choice for you. Then you have to learn how to deal with JWTs.
robotdan
·vor 5 Jahren·discuss
He he... enjoy. Hopefully this doesn't trigger any nightmares. https://twitter.com/bpontarelli/status/1099067076138827776?s...
robotdan
·vor 5 Jahren·discuss
This thread makes me feel better with struggling to implement this. I'm not the only one.
robotdan
·vor 5 Jahren·discuss
To add to this... not trying to hide anything on purpose. :-) https://github.com/robotdan https://www.linkedin.com/in/robotdan/
robotdan
·vor 5 Jahren·discuss
Thanks for the mention. We already do see quite a few Auth0 converts. I expect to gain a lot of new customers as a result of this merger in the coming months. No complaints here.
robotdan
·vor 5 Jahren·discuss
>> and integrated over time > I'm reading too much into this sentence fragment and it fills me with fear.

Lol!
robotdan
·vor 5 Jahren·discuss
> + Redhat seems quite invested in it, so it has corporate backing. This could also be a bad thing, depending on your view of Redhat and which direction they take the product.

Yes, true. :-) We'll see if IBM feels the same way.

https://www.servethehome.com/red-hat-goes-full-ibm-and-says-... http://techrights.org/2020/08/02/red-hat-layoffs/
robotdan
·vor 5 Jahren·discuss
Nailed it.
robotdan
·vor 5 Jahren·discuss
I think @tremon is just getting at that auth must be considered critical, and thus you should maintain some level of skill and competency to ensure you don't get blindsided.

Perhaps the distinction is just because something isn't a "core competency" does not mean it is not critical. And just because it isn't a "core competency" doesn't mean you can afford to be ignorant on the topic.
robotdan
·vor 5 Jahren·discuss
I don't know that I'd even refer to this at outsourcing. If you can run it on premise, it is just "not building it yourself".
robotdan
·vor 5 Jahren·discuss
Yes, this is an excellent choice as long as all of yours apps live in the Ruby world.
robotdan
·vor 6 Jahren·discuss
I hope IBM/Red Hat have more sense than this, but time will tell. It may not make sense for them to maintain Keycloak with all of IBMs identity solutions.