Learn about authorization strategies for modern multi-client distributed applications powered by microservices. Explore a reference architecture that combines OpenID Connect, OAuth 2.0, tokens, and claims to achieve a healthy separation of concerns between identity, authorization, and business logic. Discover how PolicyServer implements this architecture, allowing for future growth and scalability. Dive into topics such as security tokens, identity permissions, policy-based authorization, and dependency injection. Gain insights into UI implementation and explore code examples demonstrating the new Policy API. By the end of this 54-minute talk, you'll have a comprehensive understanding of best practices for implementing authorization in modern application architectures.
Overview
Syllabus
Intro
Approach
Types
SEMAN
Policy Server
Security Token
Identity Permissions
Authorization Data
Architecture
Strategies
Policy Based Authorization
Code Example
New Policy API
Dependency Injection
Policy Definition
Policy Provider
Policy System
Summary
UI Week
UI Week Examples
Documentation
Taught by
NDC Conferences
