On 10/5/20 6:02 PM, Eric Tykwinski via mailop wrote: > I’m not sure about SendGrid per say, but Twilio is mainly an API provider, so > full OAUTH, private keys, et al, as I’m a customer of their SMS, phone > service, et al. > As far as I know SendGrid is the same, but not saying that hacked websites, > floating private keys, and the such are not common.
I'm not doubting their ability provide IdP-like services. I was making the supposition that their problems are due to their customers' passwords being vulnerable to credential stuffing. A potential solution would be for them to stop acting as an IdP for users that exist in domains that already have an IdP. Jesse _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
