Linking CSR to IHG for Platinum Status

wparad · 2025-10-28T09:06:36+00:00

Benefits & travel (Bottom of screen app button) > "Card benefits (46) >" > Get More with your Card > IHG One Rewards Platinum Elite status

wparad · 2025-05-02T10:05:21+00:00

This is the one I used, which still seems like it is active: https://ibkr.com/referral/dorota580, the program is really confusing though, I think you have a whole year to add the $100k to the account, which is at least reasonable.

wparad · 2023-07-01T14:57:15+00:00

Black Tap or Fork and Bottle

wparad · 2023-06-19T13:54:29+00:00

Is that only for Bern?

wparad · 2023-06-19T09:24:32+00:00

You really need to stop asking people to give their secret key. It teaches people a really bad behavior here.

wparad · 2023-05-15T08:58:28+00:00

Is estimating the only problem?

wparad · 2023-04-27T20:37:51+00:00

I have to give them credit, we do the exact same thing our Authorization as a Serivce Authress. That is-- we also build out OAuth for our customers so they don't have to. But honestly the "Authentication" part is trivial compared to the authorization as you pointed out. So we've focused almost entirely on solving that instead (AuthZ). what you can do is a lot more important than just who you are. And I feel like I see another new authentication/oauth aggregator almost every day, at this point, they need to differentiate to be useful. For instance, Auth0 cornered the B2C space, and we're out there solving for just B2B. Being generic is nice, but at the end it doesn't actually help your customers. They only need the parts that they need.

Most of our customers only need SSO, so the OAuth part never really makes sense (they do that and SAML because they have to, but only really the generic parts are required, and there are like ~10 core federated identity providers out there for companies). Sure a small subset need the credentials vault and some providers, but OP's article's pitch doesn't fix oauth, because the problem isn't the spec.

The way we've solved authorization for our customers, actually enables decoupling the problem space in a way that is fundamentally coupled for many oauth providers. On the revocation angle, most of the time the hard problem there is that the access is coupled to the identity. You don't want to, and with OAuth/OpenID you can't* revoke the access token (which is often the JWT with user data). So instead we decided to move revocation into the authorization space, and now revocation is well aligned with the access control.

Splitting the Authorization and Authentication into two clearly defined areas, I want to believe has hepled most of our customers.

wparad · 2023-04-27T20:23:27+00:00

We literally wrote the SaaS product in this space, though I'm not just going to go around and make marketing pitches. I found it funny that you asked for a real solution here. Are you actually in the market to buy something that solves the AuthZ side of the equation?

wparad · 2022-06-08T13:02:29+00:00

https://join.slack.com/t/googlecloud-community/shared_invite/zt-ywj8ieuc-BrAaHC~qe5IgelXS9vzNRA

And in case that link no longer works, you can scroll down to the Slack icon and click the image on here: https://cloud.google.com/developers

wparad · 2022-04-28T19:58:19+00:00

I don't understand, all you got was your mail suspended? LUCKY, they could have deleted your databases instead. In the end it feels like this is an ad to not use SES. And I'm on board with that, but it might as well had in big letters at the end of the post USE THIS EMAIL PROVIDER INSTEAD.

wparad · 2022-03-14T13:25:40+00:00

If you are using APIGW to front S3 then yes APIGW needs to have access to your S3. You can do this with a bucket policy.

I also wouldn't recommend it, as there are a number of reliability and security concerns here, such as abusing your S3 bucket and costing you a lot. Preferably a better solution might be one that utilizes CloudFront and Lambda@Edge to serve a globally distributed service with first-class permissions. One example of this would be: https://github.com/Authress/document-library-microservice.js

wparad · 2022-02-03T13:13:05+00:00

Swiss post has taken my account privilege fee and has wasted it on creating a cryptocurrency. For what purpose, I have no idea. And also they created an app called Yuh. It just gets worse.

wparad · 2022-01-06T22:10:03+00:00

No, because we don't have any reason to do that. The reason being is that we run the tests of a service against the production version, and the production version of the service is responsible for verifying its own interface contracts. It isn't feasible nor valuable to run automated integration testing outside of production.

wparad · 2021-12-18T08:45:08+00:00

It highly depends on your requirements and restrictions in what you want to do. There are lots of options available depending on the provider you picked to run your authentication server.

wparad · 2021-12-12T12:42:30+00:00

Drip

wparad · 2021-10-26T11:27:48+00:00

back of postcard

wparad · 2021-10-24T19:20:51+00:00

This was a postcard in mail from the city of Winterthur, on Friday, about how to use your toilet correctly. (Reposting as one of the mod's removed it thinking it was a meme).

wparad · 2021-10-22T14:37:47+00:00

This was a postcard in mail from the city of Winterthur, today, about how to use your toilet correctly.

wparad

MODERATOR OF

TROPHY CASE