Common Mistakes and Misconceptions in Web App Security Using OAuth 2.0 and OpenID Connect

NDC Conferences via YouTube

Overview

Explore common mistakes and misconceptions in web application security using OAuth 2.0 and OpenID Connect in this comprehensive conference talk. Delve into the intricacies of authorization and authentication, examining how OAuth 2.0 and OpenID Connect (OIDC) address these challenges. Gain insights into potential pitfalls and misconceptions that developers may encounter when implementing these standards. Learn about client types, scopes, access tokens, JSON Web Tokens, OAuth endpoints, and grant types. Discover best practices for OAuth grants and understand concepts such as authorization code injection, PKCE, URI, HTTP headers, reference tokens, and refresh tokens. Explore OpenID Connect scopes, endpoints, and the hybrid flow. Benefit from practical demonstrations using IdentityServer4, a popular open-source framework for OpenID Connect and OAuth 2.0 on ASP.NET Core.

Syllabus

Intro
Authentication and Authorization
OAuth and OpenID Connect
Terminology
Client Type
Public Client
Scopes
Access Tokens
JSON Web Token
OAuth endpoints
OAuth grant types
OAuth grant best practices
Authorization code injection
PKCE
URI
HTTP Header
Reference Token
Refresh Token
OpenID Connect
OAuth Scopes
OpenID Connect Endpoints
OpenID Connect Hybrid
Use Cases

Taught by

NDC Conferences
