OAuth 2.0 Implicit Flow Detector

Detect sites using the OAuth 2.0 implicit Flow

OAuth 2.0 Implicit Flow Detector

Download

Extension stats

This extension was removed from Chrome Web Store on 2022-07-28 due to Chrome Web Store policy violation

By: Okta Developer

Users: 526

Version: 0.1.4 (Last updated: 2020-08-25)

Creation date: 2020-05-01

Risk impact: High risk impact

Risk likelihood:

Very high risk likelihood

Manifest version: 2

Permissions:

webRequest
webRequestBlocking
https://*/*

Size: 69.43K

Email: de*****@okta.com

URLs: Website ,Privacy policy

Other platforms

Not available on Android

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Extension summary

Analyze keywords

Detect sites using the OAuth/OpenID Connect Implicit Flow.

Many websites use the OAuth and OIDC protocols (https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth) to manage web authentication and authorization.

While these standards are the best practice for web developers, many sites are still relying on the now deprecated Implicit flow (https://developer.okta.com/blog/2019/05/01/is-the-oauth-implicit-flow-dead) which isn't considered secure 🙁

This extension detects when a website is using the Implicit Flow and lets you know. It's a great way to stay conscious of the security of websites you use every day.

Extension safety

Risk impact

OAuth 2.0 Implicit Flow Detector requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.