OpenID Connect and OAuth2
OpenID Connect and OAuth specifications, roles and grants.
Access Token Structure
Jump to Section
Jump to a section in the video for an explanation of a specific topic.
- Specifications and complexity
- Specifications landscape
- This course will be scenario-first, not protocol-first
- OAuth2 roles
- Resource owner [end user]
- Resource server [app or API controlling data]
- Client [app requesting data]
- Authorization server
- Authorization server - authorization, token, and discovery endpoints
- OAuth2 and OIDC grants - definition
- A diagram with all the grants covered in the course
Opaque Access Tokens
Authentication for web applications using OpenID Connect.
Calling an API
How to obtain and use access and refresh tokens for delegated authorization in a traditional web application.
Desktop and Mobile Apps
Authentication and delegated authorization for desktop and mobile applications and a public client overview.
Single Page Apps
Authentication and delegated authorization for single page applications.
JSON Web Token Access Tokens
Introduction to Identity
A whirlwind tour of identity history, concepts, and terminology: protocols, open standards, SSO, OAuth2, OpenID Connect and more.