Introduction to Oauth
Infini Tech
55:14
Description
Understand the OAuth protocol and how it works
What You'll Learn?
- Understand the core concepts of OAuth 2.0 like delegated authorization, roles of clients and servers, and access tokens
- Learn about common OAuth 2.0 authorization flows including authorization code grant and implicit grant
- Grasp how bearer tokens work, their usage, and security considerations
- Know how refresh tokens allow renewed access without reauthenticating
- Gain knowledge of OpenID Connect identity tokens built on OAuth 2.0 foundations
- Understand the need for OAuth PKCE to thwart common attacks on OAuth 2.0
This course provides an introduction to OAuth 2.0 and OpenID Connect, two important protocols for authorization and authentication. We will cover the basics of OAuth 2.0, including the delegated authorization concept and the roles of the client, resource owner, authorization server, and protected resources. We will explore OAuth authorization methods like authorization code grant, implicit grant, resource owner credentials, and client credentials. We will understand the process of how an end user grants access to a third-party application in order to delegate authorization. Additionally, we will discuss bearer tokens, their usage, and security considerations that come with bearer tokens. Refresh tokens will also be covered, including their longer lifespan and revocation by the authorization server.
For OpenID Connect, we will learn how it builds on OAuth 2.0 to enable client verification of user identity through ID tokens. We will also cover client registration, which provides metadata to the authorization server, and client types like confidential and public. Other key topics include client profiles such as web applications and native applications. Through lectures, hands-on examples, and real-world use cases, students will gain foundational knowledge of OAuth 2.0 and OpenID Connect to apply to real-world application development scenarios.
Who this course is for:
- Cybersecurity engineers and analysts interested in identity management
- IT professionals working on identity and access management
- Anyone seeking a solid grasp of OAuth and OpenID Connect fundamentals
Udemy
- Language: English
- Training sessions: 6
- Duration: 55:14
- Release date: 2023/12/25