All news with #openid connect tag

GitHub mandates 2FA, short-lived tokens for npm publishing

🔐 GitHub said it will change npm authentication and publishing practices in the near future to address recent supply-chain attacks, including the Shai-Hulud incident. The company will require 2FA for local publishes, deprecate legacy tokens and TOTP in favor of FIDO, introduce seven-day granular publishing tokens, and enable OIDC-based trusted publishing. The npm CLI will also auto-generate provenance attestations to prove source and build environment.

AWS HealthImaging Adds OIDC for DICOMweb APIs Integration

🔐 AWS HealthImaging now supports OpenID Connect (OIDC) authentication for DICOMweb REST APIs, enabling OAuth 2.0–compatible identity providers to issue JWTs to authorize requests. You can integrate existing IdPs such as Amazon Cognito, Okta, or Auth0 to manage user accounts and access to DICOM resources. OIDC support is limited to DICOMweb REST API requests while native AWS IAM authentication remains available for all API calls and the feature is available in all regions where HealthImaging is generally available.