Web Security: OAuth and OpenID Connect
Offered By: LinkedIn Learning
Course Description
Overview
Learn how to work with OAuth and OpenID Connect to authenticate your applications.
Syllabus
Introduction
- Using OAuth 2.0 and OpenID Connect
- What you should know
- What you will need
- Describing OAuth 2.0
- Making OAuth 2.0 useful with extensions
- Extending OAuth 2.0 with OpenID Connect
- OAuth 2.0 fundamentals
- Touring the OAuth endpoints
- Designing and using OAuth scopes
- OAuth 2.0 tokens
- Validating JWTs
- Using access and refresh tokens
- Parsing and using ID tokens
- Handling tokens safely and securely
- Overview: Authorization code flow
- When should I use this?
- PKCE Overview
- When should I use PKCE?
- Build an example: Web app or Postman
- Build an example: Native app or SPA
- Security considerations
- Overview: Implicit flow
- When should I use this?
- Build an Example: SPA
- Security considerations
- Overview: Resource owner password flow
- When Should I use this?
- Build an example: curl
- Security considerations
- Overview: Client credential flow
- When should I use this?
- Build an example: curl
- Security considerations
- Overview: Device flow
- When should I use this?
- Build an example: Kiosk
- Security considerations
- OAuth recommended practices
- Configuring an OAuth server in PHP
- Configuring an OAuth server in Node.js
- OAuth 2.0 as a service using Okta
- OAuth extensions
- Industry specific OAuth extensions
- Next steps
Taught by
Keith Casey
Related Courses
API Security on Google Cloud's Apigee API PlatformGoogle Cloud via Coursera API Security on Google Cloud's Apigee API Platform
Google via Google Cloud Skills Boost Developing APIs with Google Cloud's Apigee API Platform
Google Cloud via Coursera Building RESTful APIs Using Node.js and Express
NIIT StackRoute via Coursera API Development
Codio via Coursera