[GA4 Integration] How treating the Google OAuth review as "the last application step" nearly cost us our release
https://qiita.com/andy_yu/items/78277c566d32d73e0971?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #OAuth #ポエム #GoogleCloud #GoogleOAuth #GA4

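About this article: This is a failure story about a new service that uses Google APIs. Because we used a sensitive scope, a Google OAuth review became necessary, and as a result of leaving it to the end of development, approval finally came through five days before the planned release date. In the end we made it in time...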

Qiita

Human Error Exposes Security Breaches Despite AI Advances

Despite advancements in AI, human error continues to expose security breaches, as seen in a recent Salesforce supply-chain compromise where a legacy credential was exploited. A company called Klue, which integrates with Salesforce, was compromised when attackers used OAuth tokens to access customer data.

https://osintsights.com/human-error-exposes-security-breaches-despite-ai-advances?utm_source=mastodon&utm_medium=social

#SupplyChain #Salesforce #Oauth #EmergingThreats #AiTransparency

Learn how human error still exposes security breaches despite AI advances and find out what you can do to protect your business from OAuth token abuse today.

OSINTSights

📰 New 'Icarus' Extortion Group Hits Klue, Steals Customer Salesforce Data via OAuth Attack

🚨 SaaS Breach: New extortion group 'Icarus' claims attack on Klue, stealing customer data from Salesforce. Attackers abused stolen OAuth tokens to bypass logins & access CRM data via the trusted app integration. #SaaS #DataBreach #OAuth

🌐 cyber[.]netsecops[.]io

🔗 https://cyber.netsecops.io/articles/icarus-group-claims-klue-breach-stealing-salesforce-data-via-oauth-tokens/?utm…

I'm looking for SkyDeck users using OAuth
How often do you need to sign in again? Which PDS are you using?

#Bluesky #OAuth #Feedback

Watch Now: https://zurl.co/KlbgB

Configuring OAuth Consent Screen & Creating Client Credentials | Step-by-Step Guide | Salesforce Data Cloud

#SalesforceDataCloud #OAuth #GoogleCloud #APIIntegration #ClientCredentials #OAuthConsentScreen #PeoplewooSkills #Salesforce #Authentication #DeveloperTutorial

Configuring OAuth Consent Screen & Creating Client Credentials | Step-by-Step Guide

YouTube

Cloudflare has announced the launch of Self-Managed OAuth, allowing all developers to create and manage OAuth clients for delegated access to the API. This update expands OAuth availability to all developers rather than only select partners. The expansion was backed by major upgrades to Cloudflare's OAuth platform, which strengthened user consent, revocation, and security, and also improved the platform's overall performance and reliability.

#Cloudflare #OAuth

📢 Supply-chain attack via Klue: Salesforce data stolen from 9 cybersecurity companies
📝 ## 🗓️ Context

Source: CybersecurityNews, published June 22, 2026.
📖 cyberveille: https://cyberveille.ch/posts/2026-06-26-attaque-supply-chain-via-klue-donnees-salesforce-volees-chez-9-entreprises-de-cybersecurite/
🌐 source: https://cybersecuritynews.com/klue-hack-cybersecurity-companies/
#Icarus #OAuth #Cyberveille

🗓️ Context Source: CybersecurityNews, published June 22, 2026. This article reports a supply-chain attack targeting the market intelligence platform Klue, which led to the exfiltration of Salesforce CRM data from at least nine customer organizations. 🔓 Initial access vector The attack began on June 11 and 12, 2026 through the use of a compromised legacy credential associated with an integration service account. The attackers then pushed a malicious code update to collect OAuth tokens, enabling access to the third-party platforms connected to Klue.

CyberVeille

A June 2026 U.S. executive order mandates PQC migration by 2030. This guide covers NIST ML-KEM/ML-DSA standards, Keycloak post-quantum JWT signing, hybrid TLS migration, and SAML certificate upgrades for OAuth 2.0 identity infrastructure.

https://iamdevbox.com/posts/post-quantum-cryptography-migration-identity-infrastructure-2026/?utm_source=mastodon&utm_medium=social&utm_campaign=blog_post

#postquantumcryptography #pqc #identitysecurity #oauth #keycloak

Auth0 has three session layers, four refresh token variants, DPoP, back-channel logout, a Session Management API, and Actions that can override all of it at runtime.

Every option explained with pros/cons and when to combine them.

https://tobytes.com/articles/auth0-session-token-management-options-explained

#Auth0 #Identity #OAuth

Auth0 Session and Token Management: Every Option Explained

Auth0 gives you a lot of knobs to turn when it comes to sessions and tokens — enough that the choices start to blur together. This post maps out every option, what it does, when you'd reach for it, and how they work together for different application types.

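🌗 OAuth for all: unlocking the Cloudflare app ecosystem
➤ The road from API Tokens to OAuth: Cloudflare's architecture upgrade challenge
https://blog.cloudflare.com/oauth-for-all/
Cloudflare recently announced that its "Self-Managed OAuth" feature is now open to everyone, marking a major leap for its developer platform. Previously, third-party OAuth was limited to a small number of partners, and most developers could only rely on API Tokens, which are less secure and hard to manage. With this upgrade, Cloudflare has refined its permission model, consent interface, and security design, letting developers build SaaS integrations and agentic tools more flexibly. The article reviews in detail how Cloudflare completed a major version migration and upgrade of Hydra, its underlying OAuth engine, without interrupting service, demonstrating the engineering capability behind a highly difficult architecture upgrade.
+ This is great news for developers! Managing the permission scopes of API Tokens used to be a real headache; now we can finally control them with the standard OAuth flow.
+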
#技術架構 #OAuth #Cloudflare #API 整合 #軟體工程
Unlocking the Cloudflare app ecosystem with OAuth for all

Self-Managed OAuth is now available to all developers on Cloudflare. Here's how we executed a zero-downtime migration of our core OAuth engine to make it happen.

The Cloudflare Blog