-
-
Today there's no way to invalidate an auth token via the API. Which means when a user logs out via the UI, the frontend can't tell the backend to remove the active token connected to the user. This to…
-
**Description:**
The Access Token design pattern is crucial for managing secure communication between microservices. This pattern involves the use of tokens, typically JWT (JSON Web Tokens), to verify…
-
https://github.com/SaiUpadhyayula/angular-reddit-clone/blob/598e431a2861e1b1586ee1ffd4555a1ea059861d/src/app/auth/shared/auth.service.ts#L46
Storing JWTs in local storage is a security risk in acco…
-
### Task Topic
Other
### Task Description
Configure repository security and analysis using GitHub Secuirty Settings
## Tasks
- [ ] Private vulnerability reporting
- [ ] Dependency graph
- […
-
(from https://github.com/haskell/cabal/pull/10331/files#r1748758142 ff.)
I should note that, if the default token _does_ in fact have permissions to make releases, what other permissions does it ha…
-
### Describe the feature
i want to add Access Token & Refresh Token for seamless auth in website hear is benefit for adding it ,
-> Improved Security: Access tokens and refresh tokens help in maint…
-
We need to review the CDK layer build pipeline as well as the tokens used in the pipeline.
-
**Opting for keys over OIDC (OpenID Connect) for authentication is a decision rooted in outdated practices, lacking the foresight and efficiency of modern security standards.**
- **Security Considera…
-
### What are you trying to do?
Tailscale's whole selling point is that they don't want my passwords. They achieve this through OIDC and works beautifully for humans. However for servers the best ta…