Web Security: OAuth and OpenID Connect

Focused View

Keith Casey

1:37:41

53 View

01 - Introduction

01 - Using OAuth 2.0 and OpenID Connect.mp4

00:41

02 - What you should know.mp4

02:00

03 - How to use code for this course.mp4

01:13

02 - 1. What Is OAuth

01 - Describing OAuth 2.0.mp4

02:44

02 - Making OAuth 2.0 useful with extensions.mp4

03:41

03 - Extending OAuth 2.0 with OpenID Connect.mp4

02:22

03 - 2. Foundational Concepts

01 - OAuth 2.0 fundamentals.mp4

03:02

02 - Touring the OAuth endpoints.mp4

02:39

03 - Grant type overview.mp4

02:14

04 - Designing and using OAuth scopes.mp4

03:15

05 - Using the OAuth playground.mp4

02:43

04 - 3. OAuth Tokens

01 - OAuth 2.0 tokens.mp4

02:14

02 - Validating JWTs.mp4

03:44

03 - Handling tokens safely and securely.mp4

03:14

05 - 4. Grant Type Authorization Code

01 - Overview Authorization Code Flow.mp4

01:58

02 - When should you use this.mp4

01:40

03 - Lab Build an example (web app or Postman).mp4

04:11

04 - Auth-Code and PKCE overview.mp4

02:25

05 - When should you use PKCE.mp4

01:37

06 - Lab Build an example (native app or spa).mp4

03:39

07 - Security considerations.mp4

02:17

06 - 5. Grant Type Resource Owner Password

01 - Overview Resource Owner Password flow.mp4

01:37

02 - When should you use this.mp4

01:27

03 - Lab Build an example (curl).mp4

01:43

04 - Security considerations.mp4

02:33

07 - 6. Grant Type Client Credential

01 - Overview Client Credential Flow.mp4

02:54

02 - When should you use this.mp4

01:54

03 - Lab Build an example (curl).mp4

03:14

04 - Security considerations.mp4

01:56

08 - 7. Grant Type Device Grant Type

01 - Overview Device flow.mp4

02:04

02 - When should you use this.mp4

01:21

03 - Lab Build an example (kiosk).mp4

01:54

04 - Security considerations.mp4

02:21

09 - 8. Using an OAuth Architecture

01 - OAuth recommended practices.mp4

03:31

02 - Lab Configuring an OAuth server in PHP.mp4

02:26

03 - Lab Configuring an OAuth server in Node.js.mp4

01:57

04 - OAuth 2.0 as a service using Auth0.mp4

02:41

10 - 9. State of the Industry

01 - OAuth extensions.mp4

03:28

02 - Industry-specific OAuth extensions.mp4

03:04

11 - Conclusion

01 - Next steps.mp4

02:03

Description

While many technical professionals claim to know and understand OAuth, reality often suggests otherwise. Implementing the proper grant types and the required flows while securely protecting your secrets is challenging at best and catastrophic at worst. Fundamentally, professionals often struggle with OAuth because they misunderstand what it is, what use cases it is particularly good and bad at, and how to integrate it smoothly and safely into their systems. In this course, Keith Casey reviews the basics of OAuth 2.0 and OpenID Connect and shows how to use them to authenticate your applications. He covers tokens and scopes, designing and building key workflows, addressing common security considerations, and more.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Cyber Security

Network Security

Cyber Security Awareness

Keith Casey

Instructor's Courses

Linkedin Learning

View courses Linkedin Learning

LinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications. It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.