A Visual Journey to Demystifying OAuth2 and OIDC - Why Do They Exist and How to Properly Use Them to Secure Your Applications

Embark on a visual journey to demystify OAuth2 and OpenID Connect (OIDC) in this 49-minute conference talk from LASCON. Explore the reasons behind the creation of standards like OAuth2, OIDC, JWT, and Bearer tokens, and understand the problems they aim to solve. Discover the key differences between OAuth2 and OIDC, and learn why they are distinct concepts. Delve into major workflows (grants), their unique characteristics, appropriate use cases, and situations where they should be avoided. Gain insights into JWTs and Bearer tokens, understanding their security features and how these standards work together to create a secure authentication, authorization, and access control ecosystem. Presented by Anton Aleksandrov, Principal Solution Architect for Serverless at AWS, this talk provides a comprehensive mind map to help you properly secure your applications using these essential protocols.