Everything required to test a novel OAuth 2.0 implementation.

Well, you may have heard of OAuth as a third-party authorization delegation service, but to test it we need some context and a set of test cases. I’ll explain everything you need to know about OAuth from a security standpoint and provide a clear list of test cases so you can report high-severity issues on your next engagement. This guide covers the Authorization Code Grant flow. After reading this article, you should have enough context to devise your own test cases for the remaining authorization flows.

What is OAuth? 😕

OAuth is an attempt to migrate authorization to a third-party service. It allows a…

Hari Krish

Ethical Hacker | Security Analyst | Rider🌪 | Traveller🙋 | IT Professional😎 | Nature🐅🌾 lover & Wildlife🐘 activist |
