Advanced OAuth 2.0 Topics

Course Description

Almost every company that exposes an API is converging toward OAuth 2.0 as a delegation framework. Therefore, OAuth 2.0 is still under active development, and a wide variety of complex deployment scenarios are supported. In this course, we look at a couple of new and upcoming features. We also investigate a commonly misunderstood scenario: doing user authentication with OAuth 2.0.

Course Themes

  • How OpenID Connect fills the OAuth 2.0 identification gap
  • Why to use OpenID Connect for many different types of identification requirements
  • How JSON Web Tokens improve on past solutions
  • Why much of the work of building secure OIDC solutions is up to the developer

Learning Objectives

  • Implement a secure third-party authentication scenario using OAuth 2.0.
  • Describe the technical requirements for revoking OAuth 2.0 tokens.
  • Explain the challenges with token theft, and potential solutions in the OAuth 2.0 ecosystem.
  • Explain how to deploy OAuth 2.0 in alternate scenarios, such as mobile applications.

Details

Delivery Format: eLearning

Duration: 1 Hour

Level: Advanced

Intended Audience:

  • Architects
  • Back-End Developers
  • Mobile Developers

Competencies:

  • Good understanding of the mechanics of the web
  • Good understanding of the concepts offered by OAuth 2.0

Prerequisites

Get more course information


250 / 250