YoVDO

Web Security: OAuth and OpenID Connect

Offered By: LinkedIn Learning

Tags

OAuth Courses OpenID Connect (OIDC) Courses Web Security Courses

Course Description

Overview

Learn how to work with OAuth and OpenID Connect to authenticate your applications.

Syllabus

Introduction
  • Using OAuth 2.0 and OpenID Connect
  • What you should know
  • What you will need
1. What Is OAuth?
  • Describing OAuth 2.0
  • Making OAuth 2.0 useful with extensions
  • Extending OAuth 2.0 with OpenID Connect
2. Foundational Concepts
  • OAuth 2.0 fundamentals
  • Touring the OAuth endpoints
  • Designing and using OAuth scopes
3. OAuth Tokens
  • OAuth 2.0 tokens
  • Validating JWTs
  • Using access and refresh tokens
  • Parsing and using ID tokens
  • Handling tokens safely and securely
4. Grant Type: Authorization Code
  • Overview: Authorization code flow
  • When should I use this?
  • PKCE Overview
  • When should I use PKCE?
  • Build an example: Web app or Postman
  • Build an example: Native app or SPA
  • Security considerations
5. Grant Type: Implicit/Hybrid
  • Overview: Implicit flow
  • When should I use this?
  • Build an Example: SPA
  • Security considerations
6. Grant Type: Resource Owner Password
  • Overview: Resource owner password flow
  • When Should I use this?
  • Build an example: curl
  • Security considerations
7. Grant Type: Client Credential
  • Overview: Client credential flow
  • When should I use this?
  • Build an example: curl
  • Security considerations
8. Grant Type: Device Grant Type
  • Overview: Device flow
  • When should I use this?
  • Build an example: Kiosk
  • Security considerations
9. Using an OAuth Architecture
  • OAuth recommended practices
  • Configuring an OAuth server in PHP
  • Configuring an OAuth server in Node.js
  • OAuth 2.0 as a service using Okta
10. State of the Industry
  • OAuth extensions
  • Industry specific OAuth extensions
Conclusion
  • Next steps

Taught by

Keith Casey

Related Courses

API Security on Google Cloud's Apigee API Platform
Google Cloud via Coursera
API Security on Google Cloud's Apigee API Platform
Google via Google Cloud Skills Boost
Developing APIs with Google Cloud's Apigee API Platform
Google Cloud via Coursera
Building RESTful APIs Using Node.js and Express
NIIT StackRoute via Coursera
API Development
Codio via Coursera