Advanced Consent & Delegation Models: OAuth Scopes, Admin Consent, and Permission Sprawl

TL;DR

OAuth consent is your new attack surface. And users click “Accept” on it faster than they skip terms of service agreements. Which is to say, instantly. When users click “Sign in with Google” or “Connect to Office 365,” they’re granting third-party applications delegated access to corporate data—email, files, calendars, contacts. Five clicks, and that random productivity app now has “Mail....

December 22, 2025 · 28 min · Jay Klinkowsky