undefined | Better HN

0 pointsjofzar4d ago0 comments

> Instead of spending hours getting two or three systems to integrate with mine with the proper OAuth scopes or SAML and so on

As someone who's job is handling oauth and saml scope, I am not convinced anyone can get these right.

Saml atleast acts nice, oauth on the other hand is a fucking nightmare.

0 comments

elgertam4d ago

Every time I request the wrong OAuth scope that doesn't have the authorization to do what I need, then make a failing request, I hear Jim Gaffigan affecting a funny authoritative voice saying, "No." I can't be the only one who defensively requests too much authority beyond what I need with extra OAuth scopes, hoping one of them will give me the correct access. I've had much better luck with LLMs telling me exactly which scopes to select.

throwup2383d ago

I always hear Little Britain’s “computer says nooooo”

driftnode3d ago

oauth is the one area where I genuinely trust the LLM more than myself. not because it gets it right but because at least it reads all the docs instead of rage-quitting after the third wrong scope

Tade04d ago

And the libraries provided by the various OAuth vendors are only adding fuel to the fire.

A while ago I spent some time debugging a superfluous redirect and the reason was that the library would always kick off with a "not authenticated" when it didn't find stored tokens, even if it was redirecting back after successful log in (as the tokens weren't stored yet).

j / k navigate · click thread line to collapse