Overview
Explore the challenges of authentication and authorization in distributed systems, microservices, and Web APIs through this comprehensive conference talk. Delve into the principles of OAuth2, OpenID Connect, and JSON Web Tokens (JWT) standards, and discover how they address auth* challenges in modern architectures. Learn about a clever solution using JBoss Keycloak, and gain insights into security tokens, authorization flows, refresh token flows, and JWT claims. Examine practical implementations with JavaScript and security APIs, and understand the ecosystem of managed services. Conclude with a Q&A session to solidify your understanding of Single Sign-On (SSO) for Web APIs.
Syllabus
Intro
Security
Token
Authorization Flow
Refresh Token Flow
OpenID Connect
JSON Web Tokens
JWT Claims
JWT Tokens
Conclusion
JavaScript
Security APIs
Ecosystem
Managed services
Key Clock
KeyClock
Code
Questions
Taught by
Devoxx