Authentication as a Microservice - Portable Customer Identity Management

Offered By: OWASP Foundation via YouTube

Tags

Conference Talks Courses, Authorization Courses, JSON Web Tokens Courses, HMAC Courses

Course Description

Overview

Explore authentication as a microservice and portable customer identity management in this 38-minute conference talk. Learn about the advantages of microservice architecture and common pitfalls, including increased network chatter and security issues. Discover the basics of authentication and authorization as a microservice, as well as JWT revocation. Gain insights into decoupling authentication, user management, and user data for a portable identity model. Understand the evolution of authentication methods, tokenization, and JSON Web Tokens. Delve into topics such as token mapping, signature verification, key rotation, and refresh tokens. Acquire knowledge on securing your authentication system and implementing revocation mechanisms.

Syllabus

Introduction
How did we log into these apps
Cookies are secure
Why is this painful
The evolution
Tokenization
Token Mapping
JSON Web Token
Header and Body
Signature
Select Change
Show Code
No Signature
HMAC Hack
RSA Public Key
Verifying RSA Signature
Rotating Keys
Key ID
JSON
Hackproof Security
Refresh Tokens
Revocation
Auth to access tokens


Taught by

OWASP Foundation
