I really like this 5 minutes format. I wanted to know the difference between Public and Confidential Access Type and you made it short and concise. This is how it needs to be! No beating around the bush. Short, concise with pleasant background music. thanks for that!
@tstcikhthys3 жыл бұрын
This guy and his Okta-sponsored OAuth website is a godsend. So informative, yet simple to understand.
@BrokenSword172 жыл бұрын
Thank you SOOOOOO much.... I have worked in IT for years and we need unsung heroes like you. People always use 20-dollar top-shelf words for such simple concepts.
@deepsits7995 Жыл бұрын
Crisp and to the point information. Thanks for sharing.
@mabonora4 жыл бұрын
It's hard to find videos so concise and clear like this one. Loved it! It helped me a lot.
@alex_chugaev4 жыл бұрын
Your videos helped me a lot, thank you, you're the best!
@wfwf76453 жыл бұрын
Short but extremely clear explanation, thanks!
@torstenlodderstedt55905 жыл бұрын
Hi Aaron, I like your video. One addition: client authentication also increases the level of confidence regarding the client's identity, which also means the AS may give an authenticated client more privileges, e.g. using client credentials.
@nightpool423 жыл бұрын
This is a common misconception. There is no concept of an "identity" for a public client-any attacker can trivially be in full control of the client's code and secrets, and can manipulate it into doing whatever it wants.
@mamoudoufofana43162 жыл бұрын
Good job, thank you
@nguyenquan4836 Жыл бұрын
Thanks very info.
@phpdude5 жыл бұрын
Thank you for this
@jamesallen745 жыл бұрын
Great video, and yes I did "like" it.
@anatoliistepaniuk82174 жыл бұрын
Is it recommended to use Confidential client over Public client if there such opportunity? if yes, then why?
@fooked14 жыл бұрын
Can you please explain the need for PKCE vs ROPC grant when the client is public but I own both of them? For example, my backend API has an OAuth provider as middleware and my frontend app is a JS SPA. I'm trying to understand how ROPC is different from typical token based authentication/authorization systems that don't use OAuth.
@brucewayne24803 жыл бұрын
Lol after reading many articles and seeing this video, I'm still confused between those terms what if my application is a typical web app that has a backend server and a frontend (React app, angular app) , (same for native mobile app) should I use confidential or Public ?