At Curity, we work with OAuth daily, and our team is exceptionally knowledgeable on the topic. So naturally, we're keen to share our expertise. This time, Gary Archer has written two articles on OAuth vulnerabilities, recently published on the Nordic APIs blog.
The first piece deals with common OAuth vulnerabilities found in web and mobile apps in 2021. Gary lists the risks associated with developing web and mobile clients and presents available mitigations.
The second article, "Top OAuth API Vulnerabilities", focuses on common OAuth weaknesses when developing and hosting APIs and suggests appropriate solutions to improve security.