ActivityPub Viewer

A small tool to view real-world ActivityPub objects as JSON! Enter a URL or username from Mastodon or a similar service below, and we'll send a request with the right Accept header to the server to view the underlying object.

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    {
      "ostatus": "http://ostatus.org#",
      "atomUri": "ostatus:atomUri",
      "inReplyToAtomUri": "ostatus:inReplyToAtomUri",
      "conversation": "ostatus:conversation",
      "sensitive": "as:sensitive",
      "toot": "http://joinmastodon.org/ns#",
      "votersCount": "toot:votersCount",
      "litepub": "http://litepub.social/ns#",
      "directMessage": "litepub:directMessage",
      "Hashtag": "as:Hashtag"
    }
  ],
  "id": "https://infosec.exchange/users/breditor/statuses/109996320162191102",
  "type": "Note",
  "summary": null,
  "inReplyTo": null,
  "published": "2023-03-10T01:10:47Z",
  "url": "https://infosec.exchange/@breditor/109996320162191102",
  "attributedTo": "https://infosec.exchange/users/breditor",
  "to": [
    "https://www.w3.org/ns/activitystreams#Public"
  ],
  "cc": [
    "https://infosec.exchange/users/breditor/followers"
  ],
  "sensitive": false,
  "atomUri": "https://infosec.exchange/users/breditor/statuses/109996320162191102",
  "inReplyToAtomUri": null,
  "conversation": "tag:infosec.exchange,2023-03-10:objectId=50148751:objectType=Conversation",
  "content": "<p>The <a href=\"https://infosec.exchange/tags/okta\" class=\"mention hashtag\" rel=\"tag\">#<span>okta</span></a> hardening advice I’m perhaps least qualified to give is how to protect user devices from malware infection.</p><p>Given the diminishing reliance on network-based controls, we’re more dependent on endpoint security than ever to protect devices from infostealers that extract creds and session tokens from the browser.</p><p>From an identity perspective, I’d encourage Okta Identity Engine admins to consider: <br />- Third-party EDR integrations that prevent authentication to workplace apps from devices with poor posture, <br />- Device Assurance for unmanaged devices (available with Okta Verify/FastPass),<br />- Setting the max and idle session times in the Global Sign-in Policy in line with NIST guidance, and <br />- Setting reauthentication frequency “At Every Sign-in” for high risk apps (in Authentication Policies)</p><p>Weirdly enough, your choice of factors also has a role to play. As a device-bound authenticator, Okta’s FastPass can be configured to reassess device context every time a user attempts to open an app, diminishing the value of a stolen session.</p>",
  "contentMap": {
    "en": "<p>The <a href=\"https://infosec.exchange/tags/okta\" class=\"mention hashtag\" rel=\"tag\">#<span>okta</span></a> hardening advice I’m perhaps least qualified to give is how to protect user devices from malware infection.</p><p>Given the diminishing reliance on network-based controls, we’re more dependent on endpoint security than ever to protect devices from infostealers that extract creds and session tokens from the browser.</p><p>From an identity perspective, I’d encourage Okta Identity Engine admins to consider: <br />- Third-party EDR integrations that prevent authentication to workplace apps from devices with poor posture, <br />- Device Assurance for unmanaged devices (available with Okta Verify/FastPass),<br />- Setting the max and idle session times in the Global Sign-in Policy in line with NIST guidance, and <br />- Setting reauthentication frequency “At Every Sign-in” for high risk apps (in Authentication Policies)</p><p>Weirdly enough, your choice of factors also has a role to play. As a device-bound authenticator, Okta’s FastPass can be configured to reassess device context every time a user attempts to open an app, diminishing the value of a stolen session.</p>"
  },
  "attachment": [],
  "tag": [
    {
      "type": "Hashtag",
      "href": "https://infosec.exchange/tags/okta",
      "name": "#okta"
    }
  ],
  "replies": {
    "id": "https://infosec.exchange/users/breditor/statuses/109996320162191102/replies",
    "type": "Collection",
    "first": {
      "type": "CollectionPage",
      "next": "https://infosec.exchange/users/breditor/statuses/109996320162191102/replies?only_other_accounts=true&page=true",
      "partOf": "https://infosec.exchange/users/breditor/statuses/109996320162191102/replies",
      "items": []
    }
  },
  "likes": {
    "id": "https://infosec.exchange/users/breditor/statuses/109996320162191102/likes",
    "type": "Collection",
    "totalItems": 2
  },
  "shares": {
    "id": "https://infosec.exchange/users/breditor/statuses/109996320162191102/shares",
    "type": "Collection",
    "totalItems": 1
  }
}