Explain it to Me Like I’m 5: Oauth2 and OpenID

Рет қаралды 69,590

Күн бұрын

OAuth2 and OpenID Connect are quickly becoming mainstays for application developers. Companies want integrated authentication to reduce security footprints and users expect the convenience of single sign-on. As an application developer, it’s up to you to facilitate this in your applications.
In this talk, you’ll learn about OAuth2 and OpenID Connect. The focus will be on concepts and terminology, which is standard across OAuth2 providers and implementations, with the specific goal of presenting them in the simplest way possible. The session will also demonstrate how the concepts covered are used as you interact with OAuth2 providers and develop your Spring Boot and Spring Security applications.
The goal of this session is that you walk out with practical knowledge about OAuth2 and OpenID connect and the confidence to implement these technologies in applications you develop at your company.
Daniel Mikusa: Senior Staff Technical Support Engineer at VMware
Slides: www.slideshare.net/Pivotal/ex...

Пікірлер: 32

@sara-subramanian 2 жыл бұрын

Succinct and yet so illustrative! Learnt a thing or two about technical presentations too! Great presentation and presenter!

@KeyserTheRedBeard 3 жыл бұрын

neat upload SpringDeveloper. I crushed that thumbs up on your video. Keep on up the really good work.

@igorilievski6634 2 жыл бұрын

Insanely good. I was already familiar with this concepts, but now I actually can communicate them to nontechnical personal. Great presentation!

@MrMeMyselfMe 3 жыл бұрын

Awesome presentation!

@janigerud 2 жыл бұрын

Really great explanation!!! Big thanks for making it

@richardlanglois5183 3 жыл бұрын

Great presentation!

@abayansal Жыл бұрын

fantastic explanation of oauth and openid!!!

@RaviYasas 3 жыл бұрын

Nice explanation !!!

@alexauto4578 2 жыл бұрын

This is very useful even if I am a little bit above 5 :)

2 жыл бұрын

Great talk!

@idealdev7945 3 жыл бұрын

Awesome!

@zoladkow 3 жыл бұрын

@33:20 i'd say that a wrist band is the analog of an access token (you can go out and back in to the party) while for an id token that would be a badge (name & photo, etc)... 🙃

@sergiogomez189 2 жыл бұрын

do you have any example using : (Client Initiated Backchannel Authentication, keycloak and spring boot) please

@numankaraaslan 3 жыл бұрын

Yep, i am a 5 year old because this worked for me :) Thanks.

@ec9386 Жыл бұрын

33:15 Why is the ticket booth is called authorization server? It checks your identity, so it should be authentication, right? Please correct me if my understanding is wrong, thanks!

@TimBee100 3 жыл бұрын

Can't the bearer token be of JWT format?

@IvanRandomDude 3 жыл бұрын

It can be of any format. OAuth specification doesn't define format of the tokens. You can generate your own tokens if you want.

@evgeniyrymko8520 11 ай бұрын

It's top!👍

@veroniquenollet7718 3 жыл бұрын

Where can I get the presentation so I can click the links? thanks!

@veroniquenollet7718 3 жыл бұрын

I found it. SOLVED!

@tuacademiadeinformatica2542 2 жыл бұрын

@@veroniquenollet7718 ¿where is it??

@AjayKumar-fd9mv Жыл бұрын

Thanks

@alive-awake Жыл бұрын

Why is AOL making me agree to these terms for my e-mail account?

@alive-awake Жыл бұрын

I guess i need it explained to me as if I was a 2 yr old.

@peternagy3654 4 ай бұрын

The speaker explains: OAuth2 focusing on what a person can do, not who that person is. Later he tells, OIDC is extension of OAuth2 which implements the authentication, or identity. OIDC focus is to prove who someone, not what they can do. Am I the only one feel confused? Please correct me if I'm wrong, but in the original OAuth2 (without the OIDC extension) authenticating the user was the authorization-server responsibility. Based on the successful authentication, it could determine the authorities of the user. These authorities (stored in the issued token) provided information to the underlying services to make authorization related decisions. So what the OIDC add to this flow? What is the purpose of the separated access and id token. What problem this separation solves? What should we store on each and when should we use them? Can you please explain that like I'm 40+ year old, no need to lower down that much.