Tagged articles

OAuth 2.0

7 articles · Page 1 of 1
Programmer XiaoFu
Programmer XiaoFu
Jun 17, 2026 · Information Security

Why JWT Requires Both Access and Refresh Tokens Instead of a Single Token

The article explains the inherent trade‑off of a single JWT’s expiration time, shows how using short‑lived Access Tokens together with long‑lived Refresh Tokens resolves both security and user‑experience issues, and provides detailed backend and frontend implementation guidance.

Access TokenJWTOAuth 2.0
0 likes · 11 min read
Why JWT Requires Both Access and Refresh Tokens Instead of a Single Token
Shuge Unlimited
Shuge Unlimited
May 25, 2026 · Information Security

Why Securing AI Agents Is a Nightmare: How Many Are Struggling?

The article analyzes the security challenges of large‑scale AI agents, explains why fine‑grained permission design is essential, critiques existing protocols like MCP, A2A, and CLI/GUI automation, and details the new ATH three‑party trusted handshake with code examples and a Python demo.

A2AAI agentsATH protocol
0 likes · 26 min read
Why Securing AI Agents Is a Nightmare: How Many Are Struggling?
Amazon Cloud Developers
Amazon Cloud Developers
Dec 22, 2025 · Information Security

How to Secure Agentic AI: Identity Authentication and Authorization Strategies

This guide analyzes recent Agentic AI security incidents, explains core identity concepts, compares 2‑leg and 3‑leg OAuth flows, highlights the confused‑deputy problem, and presents Amazon Bedrock AgentCore Identity solutions with concrete code and deployment steps to build a trustworthy end‑to‑end authentication and authorization system.

Agentic AIAmazon BedrockAuthorization
0 likes · 28 min read
How to Secure Agentic AI: Identity Authentication and Authorization Strategies
Amazon Cloud Developers
Amazon Cloud Developers
Nov 14, 2025 · Information Security

End-to-End Walkthrough: How AgentCore Identity Secures AI Agent Interactions

AgentCore Identity, an Amazon Bedrock service, offers centralized agent identity management, secure token storage, native OAuth 2.0 support, and fine-grained access control, enabling AI agents to authenticate users, retrieve and store credentials safely, and perform actions such as scheduling Google Calendar events through a detailed end-to-end flow.

AI Agent SecurityAgentCore IdentityAmazon Bedrock
0 likes · 14 min read
End-to-End Walkthrough: How AgentCore Identity Secures AI Agent Interactions
System Architect Go
System Architect Go
Jan 28, 2021 · Information Security

OAuth 2.0 Authorization Code and Implicit Grant Flows

This article explains the OAuth 2.0 protocol, describes its four grant types, focuses on the Authorization Code and Implicit flows, outlines the involved roles, token types, client registration steps, and provides detailed request‑response examples for both grant types.

Access TokenImplicit GrantOAuth 2.0
0 likes · 8 min read
OAuth 2.0 Authorization Code and Implicit Grant Flows
Tencent Cloud Developer
Tencent Cloud Developer
Apr 12, 2019 · Information Security

Comprehensive Overview of Authentication: From Historical Tokens to Modern OAuth 2.0 and WeChat Mini‑Program Practices

The article surveys authentication from ancient token methods to modern password and session techniques, explains OAuth 2.0 flows and their adaptation for WeChat Mini‑Programs—including access‑token retrieval, simplified client‑credentials grants, and cloud‑call automation—while also previewing future trends such as biometrics, blockchain‑based decentralization, and AI‑driven trust models.

OAuth 2.0TokenWeChat Mini Program
0 likes · 13 min read
Comprehensive Overview of Authentication: From Historical Tokens to Modern OAuth 2.0 and WeChat Mini‑Program Practices