OAUTH, OPENID CONNECT & .NET - THE GOOD PARTS - Anders Abel - NDC London 2024

  Рет қаралды 4,990

NDC Conferences

NDC Conferences

Күн бұрын

Пікірлер: 15
@Ry4nWTF
@Ry4nWTF 7 ай бұрын
These talks never describe the flow 99% of people use, SPA and a .NET backend. No downstream services called. What am I supposed to with access token if I only need to call my API? OpenIdConnect library only builds the claims principal based on the ID token. And the specs say "never look into the access token", so just throw it away?
@dusanrostar
@dusanrostar 7 ай бұрын
well there is "the good parts" suffix, just like JS vs JS the good parts book.....
@MrDragnil
@MrDragnil 7 ай бұрын
The SPA requests an access token from the IDP and sends it to the backend, via a Bearer token as proof the user is who they say they are.
@VenkateshKadiri66
@VenkateshKadiri66 7 ай бұрын
Why would we need to look into access token when it’s really meant for the API/Resource server that the client calls?
@MrDragnil
@MrDragnil 7 ай бұрын
You can use the claims/scopes to restrict actions a user can execute on the backend. 21:03 the SPA doesn't look at the token but the backend MUST or it's not authenticating anything.
@Am6-9
@Am6-9 7 ай бұрын
I sympathize… I have scoured the web for some simple tutorials or examples on how to authenticate a simple Angular SPA with a Flask backend against an Oauth2 provider (AzureAD or whatever it is now called in my case). Nothing…
@BesarKutleshi
@BesarKutleshi 3 ай бұрын
Worst explanation ever!
The Future of Cookies - Anders Abel - NDC Security 2024
50:10
NDC Conferences
Рет қаралды 7 М.
Everything You Ever Wanted to Know About OAuth and OIDC
33:21
Леон киллер и Оля Полякова 😹
00:42
Канал Смеха
Рет қаралды 4,7 МЛН
VIP ACCESS
00:47
Natan por Aí
Рет қаралды 30 МЛН
OAuth - the good Parts - Dominick Baier - NDC Porto 2022
57:50
NDC Conferences
Рет қаралды 11 М.
Common mistakes in EF Core - Jernej Kavka - NDC London 2024
1:05:04
NDC Conferences
Рет қаралды 9 М.
OAuth and OpenID Connect Deep Dive | Travis Spencer | API Conference 2018
59:45
It’s time to rebuild DevOps. - Paul Stack - NDC London 2024
1:07:04
NDC Conferences
Рет қаралды 4,7 М.
AuthZEN: The “OpenID Connect” for Authorization - Omri Gazitt, Aserto
36:52
CNCF [Cloud Native Computing Foundation]
Рет қаралды 368
From IL Weaving to Source Generators, the Realm story - Ferdinando Papale
49:42