Introduction to Identity
A whirlwind tour of identity history, concepts, and terminology: protocols, open standards, SSO, OAuth2, OpenID Connect and more.
Jump to Section
Jump to a section in the video for explanation on a specific topic.
- What is the problem with identity?
- What can Auth0 do for you?
- Identity, protocols and open standards
- Specs most relevant for our work at Auth0
- Introducing the history part of the presentation
- User passwords in every app
- Cross domain SSO
- Shadow accounts
- Security token
- Digital signature
- Representing a session with a cookie
- The password sharing anti-pattern
- Delegated authorization: OAuth2
- Authorization server
- OAuth2 is NOT an authentication protocol
- Authorization code
- Client registration, client secret
- Access token, scope
- Layering sign in on top of OAuth2: OpenID Connect
- Auth0: an intermediary keeping complexity at bay
OpenID Connect and OAuth2
OpenID Connect and OAuth specifications, roles, and grants.
Authentication for web applications using OpenID Connect.
Calling an API
How to obtain and use access and refresh tokens for delegated authorization in a traditional web application.
Desktop and Mobile Apps
Authentication and delegated authorization for desktop and mobile applications and a public client overview.
Single Page Apps
Authentication and delegated authorization for single page applications.