Introduction to OAuth2, OpenID Connect and JSON Web Tokens (JWT)
OAuth2, OpenID Connect and JWT are the new security stack for modern applications.
What you'll learn
In a world of light-weight and cross-platform apps, devices and services we need technologies that work well on arbitrary devices and that allow us implementing our security requirements in an interoperable and manageable way. OAuth2, OpenID Connect and JWT are the replacements for the "old-school" protocols we used to build distributed security architectures with like Kerberos, WS-Trust, WS-Federation and SAML.
Table of contents
- Overview 0m
- Code Flow: Authorization Request 7m
- Code Flow: Token Request 1m
- Code Flow: Access and Refresh Token 2m
- Code Flow: Client Management 1m
- Code Flow: Summary 1m
- Code Flow: Demo 5m
- Implicit Flow 8m
- Implicit Flow: Demo 4m
- Resource Owner Credentials Flow 5m
- Resource Owner Credentials Flow: Demo 3m
- Client Flow 1m
- Summary 3m
Course FAQ
One thing that both OAuth2 and OpenID have in common is that they're dealing with security tokens. The standard today when building new apps is called the JSON Web Token which is a security token format. These three technologies work together and build the security foundation for writing modern applications.
You will learn here these technologies are actually used and how they build the new security stack for modern applications.
About the author
Dominick works as an associate consultant for the Germany-based company thinktecture (http://www.thinktecture.com). His main area of focus is security in general and identity & access control in particular. He helps customers around the world implementing claims-based identity, single sign-on, authorization and federation in their web applications, services and APIs. Dominick is an international conference speaker and the author of "Developing more-secure ASP.NET Application" and co-author of th... more