You can of course use Macaroons with OAuth, which was something that I tried to get the OAuth WG interested in, with little success. But I did get it added to my then employer’s AS product: https://neilmadden.blog/2020/07/29/least-privilege-with-less...
(Not sure why the images in that post are suddenly broken, will try to fix later).
This also reminds me that I need to finish off my own take on Biscuits/Macaroons that takes a completely different approach based on Diffie-Hellman. I call them Florentines.
(Not sure why the images in that post are suddenly broken, will try to fix later).
This also reminds me that I need to finish off my own take on Biscuits/Macaroons that takes a completely different approach based on Diffie-Hellman. I call them Florentines.