{R}R 開発ノート
合計 7 件の記事が見つかりました。
Chapter 16: Zero Trust Identity — When Every Request Is an Authentication Decision
Chapter 16 of the OpenID: Modern Identity series — Zero Trust identity: identity as the perimeter instead of the network, continuous verification via CAEP, and device trust and conditional access feeding into authorization decisions.
2026-03-22
Chapter 15: FAPI and High-Stakes Security — When the Defaults Aren't Enough
Chapter 15 of the OpenID: Modern Identity series — FAPI for high-stakes scenarios: what FAPI 1.0 Advanced and 2.0 require, Pushed Authorization Requests (PAR), JWT-Secured Authorization Requests (JAR), and migrating from FAPI 1.0 Advanced to FAPI 2.0.
2026-03-21
Chapter 14: Hardening Your Identity Stack — Setting the Defaults That Keep You Safe
Chapter 14 of the OpenID: Modern Identity series — hardening defaults that neutralize common attacks: strict redirect URI matching, audience validation to solve the confused deputy problem, token lifetime tuning, and refresh token binding, rotation, and revocation.
2026-03-20
Chapter 10: Single Sign-On at Scale — Identity as Infrastructure
Chapter 10 of the OpenID: Modern Identity series — running identity at organizational scale: corporate IdPs (AD, Entra ID), the CIAM vendor ecosystem (Okta, Auth0, Entra ID), multi-tenant isolation, account linking, and external user access.
2026-03-16
Chapter 8: Securing Backend APIs — Bearer Tokens, Scopes, and Service-to-Service
Chapter 8 of the OpenID: Modern Identity series — securing backend APIs with bearer tokens, scope design for least privilege, token introspection versus local JWT validation, and the three mechanisms for service-to-service authentication.
2026-03-14
Chapter 5: Tokens in Depth — What's Actually in That JWT
Chapter 5 of the OpenID: Modern Identity series — what's really inside an ID Token, Access Token, and Refresh Token, how JWTs are structured, how to validate signatures correctly, and how DPoP and mTLS bind tokens to their legitimate holders.
2026-03-11
OpenID: Modern Identity for Developers and Architects — A 22-Part Blog Series
Introduction and index for the 22-part blog series based on OpenID: Modern Identity for Developers and Architects by Sho Shimoda — with links to every chapter from Why Identity Is Hard through Identity in AI Systems.
2026-03-06
カテゴリー
タグ
検索ログ
Hello World bot 939
IT assistant bot 877
Deploy Teams bot to Azure 875
Microsoft Bot Framework 849
Azure CLI webapp deploy 820
Adaptive Card Action.Submit 781
Teams bot development 776
Bot Framework example 754
Adaptive Cards 752
Microsoft Graph 749
Bot Framework Adaptive Card 748
Graph API token 743
Teams app zip 741
Microsoft Teams Task Modules 740
Teams bot packaging 738
C 731
Teams bot tutorial 731
Teams production bot 731
Task Modules 729
bot for sprint updates 728
Zendesk Teams integration 726
Azure Bot Services 725
Azure App Service bot 724
Teams chatbot 722
Bot Framework CLI 719
ServiceNow bot 715
Azure bot registration 710
Bot Framework proactive messaging 710
Bot Framework prompts 708
proactive messages 694
Development & Technical Consulting
Working on a new product or exploring a technical idea? We help teams with system design, architecture reviews, requirements definition, proof-of-concept development, and full implementation. Whether you need a quick technical assessment or end-to-end support, feel free to reach out.
Contact Us