oauth

Asking about this since the NSA recently published guidance advising the public and private sectors to transition to cryptographic algorithms that are no less than sha384 & ec384 (elliptic curves).

While Edwards' Curves are different, its worth noting that prior to this update sha256 & secp256k1 were both on the list of acceptable cryptographic algorithms. My deduction was that 128-bit securit

Description 📓

I want to be able to get my credentials providers input fields using the Client API from /api/auth/providers. I'm not able to do that with import { getProviders } from "next-auth/react" in 4.0.0-beta.6

The providers client API doesn't give the same fields as the default sign-in page providers object. I don't get access to providers["credentials"].credentials obje

When trying to run tailscaled in a FreeBSD jail, it produces this error:

# tailscaled
logtail started
Program starting: v1.10.0, Go 1.16.7: []string{"tailscaled"}
LogID: 2a3b18aa8ca610c035fa561e92de5aa2113e31ea008a574d5e7a89a3690d212e
logpolicy: using system state directory "/var/db/tailscale"
creating link monitor: devd dial error: dial unixpacket /var/run/devd.seqpacket.pipe: conn

Is your feature request related to a problem? Please describe.

The public key-based request signing functionality added to sso_proxy in buzzfeed/sso#106 is undocumented. In particular, it's not immediately obvious how to a) generate an appropriate keypair or b) validate a signed request in an upstream service.

Describe the solution you'd like

New documenta

This will allow users to set up API mgmt for provisioners, and unblock users in environments where the ca.json is not easily accessible.

The --enable-admin flag would create the first provisioner and admin (this code already exists, just behind a boolean).
The --acme flag would create an ACME provisioner.

Related: smallstep/certificates#737