OpenID Connect

Description

Single sign-on and federated identity on the web have long been a nightmare. Overly complex XML-based systems are hard to implement in an interoperable way. OAuth 2.0 seems like a good solution but was never built for authentication. As a consequence, many OAuth 2.0-based authentication systems are insecure.

Enter OpenID Connect. Designed for authentication and built on top of OAuth 2.0, OpenID Connect addresses many problems developers have struggled with over the years. This course positions OpenID Connect and explores how to authenticate end users against an identity provider. By applying these principles, you can significantly improve the architecture of your application.

Course Themes

  • A deeper look at the technical details of OAuth 2.0 and advanced scenarios
  • New flows added to OAuth 2.0 and new addendums for OAuth 2.0
  • Various mechanisms to strengthen the security properties of OAuth 2.0 architectures further

Learning Objectives

  • Position OpenID Connect in the world of web-based delegation and identity federation systems.
  • Implement a secure OpenID Connect flow for various types of web applications.
  • Understand how identity providers offer SSO solutions and advanced session management mechanisms.
  • Use dynamic discovery to load the necessary information from the identity provider.
  • Use additional security features to fine-tune the security properties of OpenID Connect flows.

Details

Delivery Format: eLearning

Duration: 1 Hour

Level: Advanced

Intended Audience: 

  • Back-end developers
  • Front-end developers
  • Enterprise developers
  • Architects
Competencies:
  • Basic understanding of web development and HTTP
  • Basic understanding of authentication and access control
  • Basic understanding of cryptography
  • Basic understanding of OAuth 2.0
Prerequisites:

 

Get more course information


250 / 250