Standard OIDC flows are great until your authorization URLs become massive and leak sensitive data in browser history.
I wrote a breakdown on using Pushed Authorization Requests (PAR) with Quarkus and Keycloak. It’s a cleaner way to handle auth by moving parameters server-side before the user ever hits the login page.
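The difference in what reaches the browser, as an added example that is not part of the original post or of Quarkus/Keycloak code: a toy in-memory authorization server modelled on RFC 9126, compared against a classic front-channel URL. The endpoint, client name, secret and request values are constructed, and one-time use of the `request_uri` is a choice made here.

```python
import secrets, time
from urllib.parse import urlencode, urlsplit, parse_qs

AUTHZ = "https://idp.example/authorize"  # hypothetical authorization endpoint

class ToyAuthorizationServer:
    """In-memory stand-in for the PAR endpoint and the authorization endpoint."""
    def __init__(self, clients, ttl=60):
        self.clients, self.ttl, self.pushed = clients, ttl, {}

    def push(self, client_id, client_secret, params):
        # PAR endpoint: the client authenticates on the back channel.
        known = self.clients.get(client_id)
        if known is None or not secrets.compare_digest(known, client_secret):
            raise PermissionError("invalid_client")
        uri = "urn:ietf:params:oauth:request_uri:" + secrets.token_urlsafe(32)
        self.pushed[uri] = (client_id, dict(params), time.monotonic() + self.ttl)
        return {"request_uri": uri, "expires_in": self.ttl}

    def authorize(self, url):
        # Authorization endpoint: only an opaque reference arrives via the browser.
        q = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
        owner, params, expires = self.pushed.pop(q.get("request_uri"), (None, None, 0))
        if owner is None or owner != q.get("client_id") or time.monotonic() > expires:
            raise PermissionError("invalid_request_uri")  # unknown, replayed, expired or wrong client
        return params

def classic_url(client_id, params):
    return AUTHZ + "?" + urlencode({"client_id": client_id, **params})

def par_url(client_id, pushed):
    # Front channel carries client_id plus the reference returned by push().
    return AUTHZ + "?" + urlencode({"client_id": client_id, "request_uri": pushed["request_uri"]})

def visible_in_browser(url):
    return set(parse_qs(urlsplit(url).query))

# Constructed sample authorization request
REQUEST = {"response_type": "code", "redirect_uri": "https://app.example/callback",
           "scope": "openid profile", "state": "af0ifjsldkj",
           "login_hint": "alice@example.com"}
```
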